Subject: Re: Volunteers to test some kernel code...
To: Brett Lymn <email@example.com>
From: Manuel Bouyer <firstname.lastname@example.org>
Date: 06/11/1999 15:19:58
On Fri, Jun 11, 1999 at 11:54:21AM +0930, Brett Lymn wrote:
> I getting close to having an idea I had working and I am
> looking for some willing volunteers for some rather alpha kernel code.
> The code I have been working on adds a validation of a MD5 signature
> on exec. I am thinking that if I add a "new" securelevel, level 3,
> then exec could refuse to run any unsigned binary. I believe that
> this facility closes a large number of trojan horse opportunities
> (yeah, this can be done with immutable flags...) and gives fine grain
> control of what people _can_ run _even_as_root_ (which cannot,
> currently, be done).
Where are the signature keep ?
Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr