Subject: Re: Volunteers to test some kernel code...
To: Brett Lymn <firstname.lastname@example.org>
From: Dave McConnell <email@example.com>
Date: 06/11/1999 10:46:07

The "hash seed" and public/private key pairs (used to
validate/generate signatures) could be kept on an external token
such as a smartcard. The user removes the token when not at the
workstation. Smartcards are relatively cheap and simple to use.

Access control is also an issue. It's no use validating binaries when
someone has managed to get hold of the root password, or reboots
your system off a diskette and then has access to your filesystem
to replace the kernel without your knowledge.

It all depends how serious you are about this, Brett. Using
something like a smartcard and developing a sound architecture
would be great tho... You can also then look at encrypted
filesystems etc. etc. :-)

No security system is ever 100%. How much money and effort you
expend securing your system is proportional to what your threat is
and the cost of a compromise.