|
|
|
|
|
|
by yjftsjthsd-h
693 days ago
|
|
|
> and I can't imagine a av module able to intercept filesystem and syscalls to be only using non-core symbols. I can, considering that you can do that from user space using strace. Or ebpf which is probably the actual right way to do this kind of thing. |
|
|