tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: execution policy for shells

To: tech-security%NetBSD.org@localhost
Subject: Re: execution policy for shells
From: Jan Schaumann <jschauma%netmeister.org@localhost>
Date: Thu, 23 Sep 2010 15:06:39 -0400

Thor Lancelot Simon <tls%panix.com@localhost> wrote:

> So you need the shell to be the thing whose fingerprint is known to the
> kernel

Yes.

>, and the interpreted scripts to be known to the shell.

I'd like to avoid having to know in advance the scripts the shell might
run.  I'd rather say "only run a scrip -- any script -- if it's signed
by X".

-Jan

Attachment: pgpQoPRqCEjlR.pgp
Description: PGP signature

Follow-Ups:
- Re: execution policy for shells
  - From: Thor Lancelot Simon

References:
- execution policy for shells
  - From: Jan Schaumann
- Re: execution policy for shells
  - From: Thor Lancelot Simon
- Re: execution policy for shells
  - From: Brett Lymn
- Re: execution policy for shells
  - From: Jan Schaumann
- Re: execution policy for shells
  - From: Thor Lancelot Simon

Prev by Date: Re: execution policy for shells
Next by Date: Re: execution policy for shells
Previous by Thread: Re: execution policy for shells
Next by Thread: Re: execution policy for shells
Indexes:

Home | Main Index | Thread Index | Old Index