Bug#690737: CONFIG_FANOTIFY_ACCESS_PERMISSIONS
Hello Ben,
I hope you as the uploader of the latest versions of linux-image
packages, can help me with Debian bug #690737.
The fanotify interface is the basis for on access malware detection
in the Linux kernel. The development of a prior solution (DazukoFS)
has been stopped therefore.
Both free (ClamAV) as well as commercial viurs scanners (Sophos
Anti-Virus, AVG) using this interface exist.
Since kernel version 3.8.0 the implementation of the fanotify inter-
face is errorfree enough to be used on a productive system.
Unfortunately Debian users have to build their own custom kernel (with
kpkg) if they want to use a virus scanner relying on the fanotify
interface as CONFIG_FANOTIFY_ACCESS_PERMISSIONS is set to "N" even in
the most recent uploads.
Greg Kroah-Hartman the current Linux kernel maintainer for the -stable
branch wrote that he expects the distros to enable the API
(https://lkml.org/lkml/2013/6/15/174):
"We only set options to 'default Y' if they are needed in order to keep
your machine working properly. Now that this option has been around for
a while, changing the default will not affect anyone's machines, as they
will not see that change.
Why not just work with the distros to enable fanotify, that's where you
need this enabled, not here. Those are the majority of users, not
kernel developers who pick their own kernel configurations."
Best regards
Heinrich Schuchardt
Reply to: