Subject: Re: verified executable kernel modification committed
To: Brett Lymn <blymn@baesystems.com.au>
From: Perry E. Metzger <perry@piermont.com>
List: current-users
Date: 10/31/2002 11:00:50
Brett Lymn <blymn@baesystems.com.au> writes:
> On Thu, Oct 31, 2002 at 12:58:23AM -0500, Roland Dowdeswell wrote:
> > Only if you hack your kernel to not execute files which do not have
> > the schg flag set. Otherwise, what's to stop you from executing
> > other files?
>
> Yes, this was one of the major motivators for me - how to only execute
> files that are "known good", not only from the point of view of not
> being tampered with but also whether the file should be there in the
> first place.
Well, if we want to restrict the list of files being executed at a
particular secure level, there are less CPU intensive ways than doing
a hash. One could simply use the code paths Brett has already written
to take a list of inodes that are trusted for execution (presumably
all set immutable as well.) A lot cheaper than using a hash for this.
Perry