Re: Fw: signed kernel modules?

From: Roman Zippel
Date: Thu Oct 14 2004 - 09:28:57 EST


Hi,

On Thu, 14 Oct 2004, David Woodhouse wrote:

> How are they related? If you don't trust the _build_ system on which the
> kernel and modules were compiled and signed, the whole game is lost
> anyway.

Well, how do you want to win the whole game? Modules are just one part of
it, what about the rest? If I'd be that much concerned about modules, I
would disable module loading completely.

> Insmod is running on the live system, and has nothing to do with the
> build system.

Only a minority of people do cross compile kernels, most people compile
kernel and modules on the same machine, so that there enough points left
to attack the system. Even if the kernel is compiled on a different
machine, how can you trust the kernel you're going to boot next time?
I'm missing how this does fit into the big picture, throwing lots of
code onto modules doesn't make it more safe. In the meantime there are
simpler measures to get the system more secure.

bye, Roman
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/