> It might be better to identify the services (gateway, samba, file > server whatever) that are actually dealing with possible infected > "external" files and then define some generic interface that would > allow you to check those as the data appears.
I am wondering if the right interface is actually more related to the existing audit interfaces ? - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
