Subject: Re: what's in a name? fingerprinted exec
To: Simon J. Gerraty <email@example.com>
From: Brett Lymn <firstname.lastname@example.org>
Date: 10/16/2002 22:04:03
On Tue, Oct 15, 2002 at 11:19:11PM -0700, Simon J. Gerraty wrote:
> Also, you can have the benefit of "signed" binaries with no more cost
> than the hashing - in as much as you can have a userland tool that
> verifies the signature (eg. binary is signed by a trusted 3rd party
> such as the OS vendor or the local admin) and only if valid, passes the
> hash down to the kernel so that the binary can be exec'd.
Someone else was thinking about pursuing this, it does provide some
other capabilities but has it's own downsides - you cannot apply the
scheme to a shell script.
> Even if you go so far as to do the signature verification in the kernel,
> the result of that can again be simply installing the hash in the
> "ok to exec" list or whatever.
Ummmm that is exactly what I am proposing to add to the kernel!