Re: [ANNOUNCE] Release Digsig 1.5: kernel module for run-timeauthentication of binaries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 25 Apr 2006, Arjan van de Ven wrote:
> On Tue, 2006-04-25 at 00:35 +0100, Nix wrote:
> > On Mon, 24 Apr 2006, Arjan van de Ven yowled:
> > > On Mon, 2006-04-24 at 21:32 +0100, Nix wrote:
> > >> It checks mmap and mprotect with PROT_EXEC, and execve().
> > > 
> > > so no jvm's or flash plugins.
> > 
> > Well, you'll have to sign the flash plugin. This isn't
> > sign-at-compilation-time; 
> 
> the point I made is that a jvm has executable memory capabilities (it
> has to) and can be made an elf loader. At which point.. game over.

Then don't sign the jvm ;-)

Gr{oetje,eeting}s,

						Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
							    -- Linus Torvalds
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux