On Wed, Aug 05, 2009 at 01:49:46AM +0300, Stathis Kamperis wrote:
After a system upgrade, I forgot (although I usually do) to re-run
veriexecgen and I ended up with an unusable system. During boot, some
binaries, which were updated, generated hash mismatches (reasonable)
and I couldn't even login. I had to hard reset the system, boot up
single user mode, fsck my partitions, edit rc.conf to not load
veriexec, reboot, regenerate the hashes and enable it again in
rc.conf.
Well, at least you know it is effective ;) (you have to allow me a bit
of humour here... I cannot count the number of times some bug or other
caused me the same sort of grief when I was developing veriexec)
It is doable, it's just inconvenient. I think it should be documented
or perhaps be automated in some way.
Documented, yes, automated no. I strongly believe that this sort of
security enforement needs to be thought about when updating.
I think another bullet point in the "things to remember" section would
probably be a good approach.