Re: [ANNOUNCE] Release Digsig 1.5: kernel module for run-timeauthentication of binaries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,

Just my few cents on signed binaries and DigSig. It's
kind of a very partial reply to several parts of
various emails (Arjan, Ulrich, Nix ...), sorry for
that ;-)

1- "does this also prevent people writing their own
elf loader in a bit of perl and just mmap the code"

I'm not sure to exactly understand what you mean:

- if you mean writing an application able to read &
'interpret' an ELF executable: again, I think DigSig
will prevent this, because when you mmap the code,
this calls (at kernel level) do_mmap which triggers an
LSM hook called file_mmap. And we implement checks in
that hook...

- if you mean modifying the ELF loader so that do_mmap
/ file_mmap aren't called, well you'll need to hack
the kernel, won't you ?

- finally, note you also have choice not to sign this
elf loader of yours. If it isn't signed, it won't ever
run ;-)

2- "You will never get 100% protection from a
mechanism like signed binaries"

Sure. I entirely agree though, if we're honest, *no*
system is ever a 100 % protection ;-)
I think our paper (http://disec.sourceforge.net/ or
http://www.usenix.org/events/lisa04/tech/apvrille.html)
is clear about what we mean to protect and what we do
not, and IMHO, 
in security, we cannot expect more of any system.

3- "I've found signed binaries principally useful on
stripped-down firewalls and firewall UML instances"

Indeed. I foresee use of DigSig for hosts that are not
meant to change 'too' often (for example, not
a developer or a user desktop - although I do
personnally have DigSig on mine ;-)) ). Stripped-down
servers or firewalls are good example (and they do
indeed represent a big niche). BTW, I also
foresee use of DigSig in small embedded systems, and
actually, in that area, I heard of Umbrella,
an open source project using DigSig (I don't know the
status).


Hope this helps !
Best regards,

Axelle.
DigSig - http://disec.sourceforge.net


	
	
		
___________________________________________________________________________ 
Nouveau : téléphonez moins cher avec Yahoo! Messenger. Appelez le monde entier à partir de 0,012 ?/minute ! 
Téléchargez sur http://fr.messenger.yahoo.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux