Re: [ANNOUNCE] DigSig 0.2: kernel module for digital signature verification for binaries
From: Valdis . Kletnieks
Date: Wed Oct 01 2003 - 09:06:15 EST

On Wed, 01 Oct 2003 12:26:31 +0200, Pavel Machek said:
> > Instead of writing a long detailed explication, I rather give you an
> > example of how you can use it.
>
> Can you also add example *why* one would want to use it?
>
> AFAICS if I want to exec something, I can avoid exec() syscall and do
> mmaps by hand...

The idea isn't to stop you from calling exec*().

The idea is to ensure that if you do execve("/usr/bin/foobar",...) that the
foobar binary hasn't been tampered with and you're not about to launch a binary
differing from what you expected. Note that on a properly administered
system, this is a *high* level of paranoia, as the file permissions should have
prevented writing to the binary in the first place. It's also a maintenance
nightmare waiting to happen, as you get to re-sign all the binaries every time
you install a patch, and it won't help prevent trojaned shared libraries...
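
An added example (not part of the original message and not DigSig's own code): a userspace model of the exec-time check discussed above, showing that a legitimate patch fails verification exactly like tampering until the binary is re-signed, and that a changed shared library goes unnoticed. HMAC-SHA256 stands in for the real signature scheme, and the key, function names and file names are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

# Constructed demo key; HMAC is a stand-in for a real public-key signature.
KEY = b"constructed-demo-key"

def write(path, data):
    with open(path, "wb") as f:
        f.write(data)

def sign(path):
    """Tag over the file's SHA-256 digest, as a signing tool would attach."""
    with open(path, "rb") as f:
        digest = hashlib.sha256(f.read()).digest()
    return hmac.new(KEY, digest, hashlib.sha256).digest()

def exec_allowed(path, tags):
    """Model of the check at exec time: only the executable itself is verified."""
    tag = tags.get(path)
    return tag is not None and hmac.compare_digest(tag, sign(path))

def demo():
    results = {}
    with tempfile.TemporaryDirectory() as d:
        binary = os.path.join(d, "foobar")
        library = os.path.join(d, "libfoo.so")
        write(binary, b"foobar v1")
        write(library, b"libfoo v1")
        tags = {binary: sign(binary)}            # only executables get signed
        results["clean"] = exec_allowed(binary, tags)
        write(binary, b"foobar v1 + tampered")   # unauthorized modification
        results["tampered"] = exec_allowed(binary, tags)
        write(binary, b"foobar v2 vendor patch") # legitimate update, old tag
        results["patched_unsigned"] = exec_allowed(binary, tags)
        tags[binary] = sign(binary)              # the re-signing step per patch
        results["patched_resigned"] = exec_allowed(binary, tags)
        write(library, b"libfoo trojaned")       # library is never checked
        results["library_changed"] = exec_allowed(binary, tags)
    return results

if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'exec allowed' if allowed else 'exec denied'}")
```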