Re: malware defense

David Woodhouse (David.Woodhouse@mvhi.com)
Tue, 07 Dec 1999 11:34:44 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ralf Baechle: "Re: AVL trees vs. Red-Black trees"
Previous message: Jones D: "RE: 64GB RAM Curiousity Project"

sct@redhat.com said:
> Encryption != authentication. As long as the module plaintext isn't
> encrypted, I wouldn't have thought there would be any problems with
> adding signatures.

Adding signatures to the modules before they're relocated doesn't buy you much
if you then just allow modprobe to do the relocation itself.

The linker (in modprobe) can do nasty things with the relocations - so if you
just checksum it before it's linked then you can still be vulnerable.

To really do this securely, I suspect we'd need to actually put the linker
into the kernel, rather than having it in modprobe as it is at the moment.

-- dwmw2

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Ralf Baechle: "Re: AVL trees vs. Red-Black trees"
Previous message: Jones D: "RE: 64GB RAM Curiousity Project"