> Apparently, this is something you kernel hackers don't approve of, since
> you've recently removed EXPORT_SYMBOL(sys_call_table) from
> kernel/ksyms.c - so my question is whether there is some other preferred
> method for accomplishing this without forcing the user to patch and
> compile a new kernel. Is there some API for wrapping system calls which
> I am unaware of, or are there plans to provide one?
Maybe you could use the Linux Security Module hooks for
open() and exec() to pass a request to your virus scan
software ?
Note that this kernel module needs to be GPL, due to the
fact that it's a derived work of the kernel itself. This
only applies to the kernel module that asks the virus
scanner to check the files for virusses, not necessarily
the virus scanner itself.
Rik
-- Bravely reimplemented by the knights who say "NIH". http://www.surriel.com/ http://distro.conectiva.com/ Current spamtrap: <a href=mailto:"october@surriel.com">october@surriel.com</a>- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/