Subject: Re: Volunteers to test some kernel code...
To: Brett Lymn <blymn@baea.com.au>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: tech-kern
Date: 06/11/1999 17:59:52
In some email I received from Brett Lymn, sie wrote:
[...]
> BTW Does anyone have a pointer to an explanation of how to do a
> hashing system? I vaguely know what hashing does but I don't have a
> clue how to implement one - my Engineer training meant that I missed
> out on CS-101 ;-)
What do you mean by "hashing system" ?
If I think you're asking what you are, then you've got some problems
to solve. The first is how do you generate hashes in a `secure' way
and the second is how do you ensure that the hash is valid ?
The problem is, as I see it, even if you can get read-only access to
/dev/kmem, you can discover the `hash seed' used to validate executeables.
If something like init could `lock' the file used to store hashes in (index
by (devno,ino) should work) a database, then at least discovery of that
seed would be of no use as the table of hashes would not be susceptible
to change.
Ideally you need a `seed password' to be entered when creating the hash
and again when booting up so that the correct `hash seed' can be calculated
in both instances.
Darren