Subject: Re: LKM
To: Lennart Augustsson <lennart@augustsson.net>
From: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
List: tech-security
Date: 09/14/2001 21:43:24
On Fri, 14 Sep 2001, Lennart Augustsson wrote:
> No, it's much more powerful.  With a signed driver you have to trust that
> whoever signed it is not lying (volontary or involontary).  With a proof that
> YOU check you only have to trust your own proof checking ability.
> There is no need to trust anyone else, so it is strictly more powerful
> (and also more difficult to implement).

Right, but as far as I understand, doing such a check would mean to
analyze the whole (machine) code, automatically, and make some assertion
if it's "good" or "bad". Sounds tough. :-)


 - Hubert

-- 
Want to get a clue on IPv6 but don't know where to start? Try this:
* Basics -> http://www.onlamp.com/pub/a/onlamp/2001/05/24/ipv6_tutorial.html
* Setup  -> http://www.onlamp.com/pub/a/onlamp/2001/06/01/ipv6_tutorial.html 
Of course with your #1 IPv6 ready operating system -> http://www.NetBSD.org/