Subject: Re: verified executable kernel modification committed
To: Brett Lymn <email@example.com>
From: Seth Kurtzberg <firstname.lastname@example.org>
Date: 11/03/2002 21:51:10
Even with read only media, might you not be vulnerable to attacks on
cached copies of executables? Perhaps this is so difficult as to not be
On Sun, 2002-11-03 at 21:47, Brett Lymn wrote:
> On Sun, Nov 03, 2002 at 11:34:31PM -0500, Perry E. Metzger wrote:
> > You can overwrite the key used for checking the signature.
> In the kernel? Now we are back to that.
> > Read only media? Sure, but once you have read only media, you have to
> > put everything in the trust path onto that media, including the
> > kernel, programs for loading the hashes, etc. At which point, of
> > course, you wonder why you didn't just use read only media for the
> > whole task....
> You can do that... I have done that in the past. Then you don't need
> immutable flags because you have made the system immutable. Mind you,
> you need some writable storage somewhere so you would need to be
> careful that that is not mounted allowing exec or you open yourself to
> having binaries run from there.
> Brett Lymn
M. I. S. Corp
Pager 888-605-9296, or email@example.com