Critical Linux security API is still a kludge


Think again: do you need antivirus software for Linux?

The talk lately has centred on Vista’s security APIs, but Linux certainly needs improvements in this area, because AV vendors still rely on an external kernel module to implement “real time” file scanning.

Resident virus scanners need to intercept file access and allow or deny read operations on executable files only after a file’s safety has been determined. In the Linux world, a German company, Avira GmbH, designed an API for “on-access” virus scanning: a kernel module intercepts file access calls and passes control to a third-party application, in this case the anti-virus scanner. According to the project’s web page, “Dazuko has been released as Free Software in order to allow users to compile the device driver for their own custom kernels”. The problem is that it is not part of the current Linux kernel, so users must either rely on their Linux distributor’s willingness to ship pre-built binaries of the loadable kernel module or, more often than not, compile the module themselves.

Read more at theinquirer


Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting.