Subject: Re: what's in a name? fingerprinted exec
To: Simon J. Gerraty <>
From: Brett Lymn <>
List: tech-security
Date: 10/16/2002 22:04:03
On Tue, Oct 15, 2002 at 11:19:11PM -0700, Simon J. Gerraty wrote:
> Also, you can have the benefit of "signed" binaries with no more cost
> than the hashing - in as much as you can have a userland tool that 
> verifies the signature (eg. binary is signed by a trusted 3rd party 
> such as the OS vendor or the local admin) and only if valid, passes the 
> hash down to the kernel so that the binary can be exec'd.

Someone else was thinking about pursuing this, it does provide some
other capabilities but has it's own downsides - you cannot apply the
scheme to a shell script.
> Even if you go so far as to do the signature verification in the kernel,
> the result of that can again be simply installing the hash in the 
> "ok to exec" list or whatever.

Ummmm that is exactly what I am proposing to add to the kernel!

Brett Lymn