RE: [ANNOUNCE] Release Digsig 1.5: kernel module forrun-timeauthentication of binaries

[Arjan van de Ven]

On Mon, 2006-04-24 at 12:27 -0400, Makan Pourzandi (QB/EMC) wrote:
> Hi Arjan, 
> 
> I hope I correctly understood your question, DigSig uses LSM hooks to
> check the digital signature before loading it, then as long as your elf
> loader uses kernel system calls, it's covered by DigSig. 

ok I have to admit that this answer worries me.

how can it be covered? How do you distinguish an elf loader application
(which just uses open + mmap after all) with... say a grep-calling perl
script?

As long as you allow apps to mmap (or even just read() a file into
memory).... they can start acting like an elf loader if they chose to do
so. And.. remember it's not the files WITH signature you're protecting
against (which you could check) but the ones WITHOUT. And there are many
of those; and you can't sign ALL files I think, not without going
through really great hoops anyway.



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/