Subject: Volunteers to test some kernel code...
To: None <tech-kern@netbsd.org>
From: Brett Lymn <blymn@baea.com.au>
List: tech-kern
Date: 06/11/1999 11:54:21
Folks,
        I am getting close to having an idea I had working and I am
looking for some willing volunteers for some rather alpha kernel code.

The code I have been working on adds a validation of a MD5 signature
on exec.  I am thinking that if I add a "new" securelevel, level 3,
then exec could refuse to run any unsigned binary.  I believe that
this facility closes a large number of trojan horse opportunities
(yeah, this can be done with immutable flags...) and gives fine-grained
control of what people _can_ run _even_as_root_ (which cannot,
currently, be done).

The code I have appears to work.  Tentative measurements put the
impact at less than 10% slowdown (I cache the MD5 signature in the
DNLC after evaluation which takes the impact down from a 70% slowdown)
but I need to confirm this with the fully functional mod in place.  A
more aggressive MD5 caching method may improve things a lot.  I can
also see some obvious code improvements so the current state should
not be taken as representative of where I want to be :-)

So, anyone brave want to try some code that may potentially eat your
whole system and spit the bits back out (well, not quite ;-)?  I have
tested this stuff on i386 architecture only.

BTW Does anyone have a pointer to an explanation of how to do a
hashing system?  I vaguely know what hashing does but I don't have a
clue how to implement one - my Engineer training meant that I missed
out on CS-101 ;-)

-- 
===============================================================================
Brett Lymn, Computer Systems Administrator, British Aerospace Australia
===============================================================================
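The following is an added userland model of the mechanism described in the post, not Brett's kernel code and not anything from NetBSD. It assumes three things the post does not spell out: that the "new" securelevel is the constant 3, that fingerprints are looked up by pathname (the hash table is written out by hand with an array of buckets and chaining, since the post asks how one is implemented), and that a per-inode cache keyed on mtime and size stands in for caching the digest in the DNLC. The scenario it runs (a signed program, an unsigned one, and a trojaned replacement of the signed one) is constructed for the example.

```python
"""Added example: fingerprint-gated exec with a digest cache, modelled in userland."""
import hashlib
import os
import tempfile

SECURELEVEL_REFUSE_UNSIGNED = 3   # assumption: the proposed "level 3" from the post


class FingerprintTable:
    """Chained hash table mapping pathname -> expected MD5 hex digest.

    Written out instead of using a dict to show the bucket-array-plus-chaining
    layout a kernel-resident table would use."""

    def __init__(self, nbuckets=64):
        self.buckets = [[] for _ in range(nbuckets)]

    def _bucket(self, key):
        h = 5381                                    # djb2 string hash
        for byte in key.encode():
            h = ((h << 5) + h + byte) & 0xFFFFFFFF
        return self.buckets[h % len(self.buckets)]

    def put(self, key, value):
        bucket = self._bucket(key)
        for i, (k, _) in enumerate(bucket):
            if k == key:                            # replace an existing entry
                bucket[i] = (key, value)
                return
        bucket.append((key, value))                 # otherwise chain it on

    def get(self, key):
        for k, v in self._bucket(key):
            if k == key:
                return v
        return None


def md5_file(path):
    """Digest the file in chunks so large binaries are not read into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


class ExecGate:
    """Models the exec-time check: hash the binary, look up its fingerprint, decide.

    The (dev, ino) cache stands in for caching the digest in the DNLC; an entry
    is reused only while the file's mtime and size are unchanged."""

    def __init__(self, table, securelevel):
        self.table = table
        self.securelevel = securelevel
        self.cache = {}            # (dev, ino) -> (mtime_ns, size, digest)
        self.hashes_computed = 0   # lets the demo show the cache taking effect

    def check_exec(self, path):
        st = os.stat(path)
        key = (st.st_dev, st.st_ino)
        hit = self.cache.get(key)
        if hit and hit[0] == st.st_mtime_ns and hit[1] == st.st_size:
            digest = hit[2]                         # cache hit: no rehash
        else:
            digest = md5_file(path)
            self.hashes_computed += 1
            self.cache[key] = (st.st_mtime_ns, st.st_size, digest)
        expected = self.table.get(path)
        if expected is None:                        # no signature on record
            if self.securelevel >= SECURELEVEL_REFUSE_UNSIGNED:
                return (False, "unsigned")
            return (True, "unsigned-allowed")
        if digest != expected:                      # signed, but contents changed
            return (False, "mismatch")
        return (True, "ok")


def demo(securelevel=3):
    """Constructed scenario: signed program, unsigned program, then a trojaned copy."""
    with tempfile.TemporaryDirectory() as d:
        signed = os.path.join(d, "ls")
        unsigned = os.path.join(d, "rogue")
        with open(signed, "wb") as f:
            f.write(b"#!/bin/sh\necho genuine\n")
        with open(unsigned, "wb") as f:
            f.write(b"#!/bin/sh\necho rogue\n")

        table = FingerprintTable()
        table.put(signed, md5_file(signed))         # only "ls" is signed
        gate = ExecGate(table, securelevel)

        r1 = gate.check_exec(signed)                # first exec: digest computed
        r2 = gate.check_exec(signed)                # second exec: served from cache
        r3 = gate.check_exec(unsigned)              # not on record
        with open(signed, "wb") as f:               # trojan overwrites the signed file
            f.write(b"#!/bin/sh\necho evil\n")
        r4 = gate.check_exec(signed)                # size/mtime changed: rehash, mismatch
        return [r1, r2, r3, r4], gate.hashes_computed


if __name__ == "__main__":
    print(demo(3))
    print(demo(2))
```

Two caveats a practitioner would attach to this model. Keying the cache on mtime and size is only a stand-in: a file owner can rewrite a file and restore its timestamp with utimes(), so a real in-kernel cache should be invalidated on write to the vnode rather than trust stat fields. And MD5 has since been shown to be collision-prone, so a scheme like this built today would use a stronger digest; the post predates that.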