Date: Fri, 8 Jun 2001 14:08:10 +0100 (BST) From: Doug Rabson <dfr@nlsystems.com> To: Assar Westerlund <assar@FreeBSD.ORG> Cc: "Patrick W. Penzias Dirks" <pwd@apple.com>, <FreeBSD-FS@FreeBSD.ORG>, <FreeBSD-Arch@FreeBSD.ORG> Subject: Re: Support for pivot_root-like system call? Message-ID: <Pine.BSF.4.33.0106081406540.24280-100000@herring.nlsystems.com> In-Reply-To: <5lelsvtawi.fsf@assaris.sics.se>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8 Jun 2001, Assar Westerlund wrote: > "Patrick W. Penzias Dirks" <pwd@apple.com> writes: > > I'm the filesystems tech lead in Apple's Mac OS X Core OS group. > > Prompted by the needs of, among others, virus protection software > > developers who want to be able to mount "on" the root directory to > > intercept ALL filesystem calls in the system, I'm contemplating > > implementation of a new system call in Mac OS X to do something like > > Linux's pivot_root system call: > > > > int pivot_root(const char *new_root, const char *put_old); > > Could you explain to me/us how you would implement virus protection > software (or something similiar), based on pivot_root? > > Is there any such stuff for linux that uses pivot_root? Musing about virus protection (not particularly about pivot_root), I guess the best way to intercept all attempts to manipulate files on a given fs would be to make the virus checker a stackable VFS layer. -- Doug Rabson Mail: dfr@nlsystems.com Phone: +44 20 8348 6160 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0106081406540.24280-100000>