On Mer, 2003-05-14 at 14:52, Dean McEwan wrote:
> It would be set up so that files have an internal signature (ELF format might have to be
> fiddled with). It would verify itself by sending info to the creator of the contents PC OR server
> asking for verification of itself, files could be limited lease, rented, or automatically expire
> after some time.
That way around doesnt actually work because I'll simply lie, fake the server or firewall you
(in fact any serious business firewalls all outgoing traffic from end users). If you want
to do it for internal trust and you control the systems (the useful case) you set SELinux
or RSBAC up so that all applications create files in a "non runnable" class. The only way
to transition an app is a single user application which does your key checking and other
processing then transitions the binary to "safe". I guess you also add a general rule that
writing to a file moves it back into non runnable.
One of the problems with this is interpreters. Its easy to do this with ELF binaries but
you have to extend it to scripts and that normally means more pain 8)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu May 15 2003 - 22:00:52 EST