AntiVirus?

[Colin Walters]

On Sun, 2005-03-20 at 18:47 -0500, Gregory Maxwell wrote:
> On Sun, 20 Mar 2005 23:29:12 +0000, Mike Hearn <mike at navi.cx> wrote:
> > Right. Actually I have a prototype SELinux "quarantine zone" policy file
> > open in emacs right now. I've been writing a packaging/installer system
> > for a while and the spyware question is common enough to be in the FAQ:
> 
> What would be neat is for somone to make a version of GLIBC that can
> live inside a seccomp jail, a little loader that can prelink an
> executable with that glibc and put it in  the jail,  and an interface
> that lets you "yes / no" syscalls. :)

Prompting the user for access control decisions at the level of system
calls is not useful unless your target audience is solely "Linux kernel
developer"; i.e. .01% of Fedora users at best.  Even at a much higher
level you have to assume that if you prompt for this kind of stuff, 50%
of the time they're going to get it wrong.