Subject: Re: verified executable kernel modification committed
To: Christopher Richards <richards+netbsd@CS.Princeton.EDU>
From: Lennart Augustsson <>
List: current-users
Date: 10/29/2002 21:14:37
I'd love to see PCC incorporated into NetBSD.  And Peter would probably
like it too. :-)
But I've got no time to do the work. :(

    -- Lennart

Christopher Richards wrote:

>Brett Lymn <> writes:
>>        First off let me say a big thanks to the people who told me
>>this crazy idea was good.  Especially thanks to Jason R Fink for doing
>>the hard yards and helping me out in thrashing this into the shape it
>>is currently in.  I feel this code is ready enough to be useful but
>>there are some aspects that can be improved on.
>It would be a great advantage if the verified exec framework were
>flexible enough to accommodate a variety of verification schemes.
>Cryptographic hashes may be the most obvious of these, but there are
>others -- Proof-Carrying Code [1, 2], for example, where execution of
>a binary is permitted only if its associated proof of safety satisfies
>the system proof-checker.
>For an overview of PCC and mobile-code security, see Peter Lee's page
>at <>.