[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: How to make module autoloading play nice with securelevel
On Sun, Oct 17, 2010 at 08:09:24AM -0400, Thor Lancelot Simon wrote:
> On Sat, Oct 16, 2010 at 07:56:22PM -0700, Gary Thorpe wrote:
> > Would it be useful to use digital signatures with kernel modules and
> > have the user decide which signatures are "trusted" (including the
> > options of accepting any or unsigned modules [all])? Is it infeasible,
> > too hard or not very secure to do this?
> No pubkey support in the software kernel crypto provider. Given that,
> it's just a SMOMP, where the "M" for "more programming" in this case means
> "parsing horrible X.509 datastructures and making complex policy decisions
Is that all necessary? Is it not sufficient to just have an immutable
file with one-way hashes for all modules? Then you have only one file
to protect, and it can be loaded into the kernel at boot-time, so no
mounting-over etc to consider. And the modules can be stored anywhere.
Geert Hendrickx -=- ghen%telenet.be@localhost -=- PGP: 0xC4BB9E9F
This e-mail was composed using 100% recycled spam messages!
Main Index |
Thread Index |