Re: [Dazuko-devel] DazukoFS 3.0.0-rc1 doesn't build

[John Ogness]

On 2008-10-07, address@hidden wrote:
> Do you know if there is way to hack antivir using this version of
> dazukofs? antivir was ok with the previous version
> (dazuko-2.3.5-nullfs-0.0.3).

The previous version (dazuko-2.3.5-nullfs-0.0.3) is based on the
Dazuko 2.x code and model. That model was based on file names being
passed to registered applications and registered applications being
allowed free reign on the system. This has the following security
issues:

1. path names are unreliable

2. giving free reign to any application is a bad idea

DazukoFS 3 takes care of both of these issues by providing the
registered application with a read-only, already opened file
descriptor. This allows the registered application to scan the
contents without ever having to open a file. Thus, the registered
application does not require any more priviledges than any other
application (except for accessing the DazukoFS device, of course).

Since the new model represents a fundemental change in the way Dazuko
works, it is not possible to "trick" Dazuko 2.x applications into
using the DazukoFS 3.x interface. It would require adding backwards
compatible hooks into DazukoFS (and I don't want to do that).

I realize that for anti-virus vendors, adapting to the new DazukoFS
requires some effort. That is why I made sure it was a completely
separate interface. If a vendor wanted, they could easily support
Dazuko and DazukoFS simultaneously, and choose whichever is available
on the system. In my opinion, the changes required would be rather
small.

I know that Avira GmbH is currently evaluating DazukoFS. Once DazukoFS
is officially released, perhaps they will include support for it in
their on-access scanner.

John Ogness