Subject: Re: verified executable kernel modification committed
To: Christopher Richards <richards+netbsd@CS.Princeton.EDU>
From: Lennart Augustsson <email@example.com>
Date: 10/29/2002 21:14:37

I'd love to see PCC incorporated into NetBSD. And Peter would probably
like it too. :-)
But I've got no time to do the work. :(

Christopher Richards wrote:
>Brett Lymn <firstname.lastname@example.org> writes:
>> First off let me say a big thanks to the people who told me
>>this crazy idea was good. Especially thanks to Jason R Fink for doing
>>the hard yards and helping me out in thrashing this into the shape it
>>is currently in. I feel this code is ready enough to be useful but
>>there are some aspects that can be improved on.
>It would be a great advantage if the verified exec framework were
>flexible enough to accommodate a variety of verification schemes.
>Cryptographic hashes may be the most obvious of these, but there are
>others -- Proof-Carrying Code [1, 2], for example, where execution of
>a binary is permitted only if its associated proof of safety satisfies
>the system proof-checker.
>For an overview of PCC and mobile-code security, see Peter Lee's page