On Sun, Jan 04, 2009 at 03:17:33AM +0000, Jamie Lokier wrote:
> Justin P. Mattock wrote:
> > >One feature we are kicking around to make life easier for SELinux:
> > >sometimes the filesystem can run while SELinux is not running, and
> > >security labels will be wrong when SELinux re-enters the picture. We
> > >have in mind to provide a persistent log of filesystem events that the
> > >security system can attach to on startup and find out what went on in
> > >its absence.
> >
>
> That sounds like a feature Windows had for many years now, (since
> Windows 2000?). It complements the Windows equivalent of
> dnotify/inotify/fsnotify.

Arguably you want to do this in the VFS layer, not in the low-level filesystem level if you want most applications to adopt it.

> It's used for file indexing too (think equivalent to Spotlight,
> Beagle, etc.), and other types of security scanning (think equivalent
> to Tripwire).

Eric Paris has a patch he's been proposing for a while now for a new notify mechanism designed for anti-virus scanners...

- Ted