On Fri, Jun 11, 1999 at 11:54:21AM +0930, Brett Lymn wrote:
> 
> Folks,
>         I getting close to having an idea I had working and I am
> looking for some willing volunteers for some rather alpha kernel code.
> 
> The code I have been working on adds a validation of a MD5 signature
> on exec.  I am thinking that if I add a "new" securelevel, level 3,
> then exec could refuse to run any unsigned binary.  I believe that
> this facility closes a large number of trojan horse opportunities
> (yeah, this can be done with immutable flags...) and gives fine grain
> control of what people _can_ run _even_as_root_ (which cannot,
> currently, be done).

Where are the signature keep ?

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--