Re: Fw: signed kernel modules?

[Thomas Weber]

On Fri, Oct 15, 2004 at 10:11:47PM +0200, Tonnerre wrote:
> 
> What trusted computing revealed is that there is at least amongst some
> companies  a desire  to be  able to  dictate what's  going on  on your
> computer. Think Disney here.


> 			    Tonnerre
> 
> PS. I did a module signing patch  some years ago. I did a framework. I
>     did tests. I got scared of its power. All I say is, take care.

Think about companies deploing binary only drivers for their hardware.
I guess they'd be happy to have a 'feature' like this in the kernel.
We might end up with hardware companies deploying binary only signed 
modules for the major distributions (with which they have deals).
We might end up with weird patches from those companies to get their key
into the kernel source in order to be able to load their signed module.

Once a module itself requires this feature in the kernel you don't have
the choice of saying 'No' to this option of compile time and you can't
simply revert this patch anymore as others have suggested.

This patch would give power to those who make binary distributions and
(binary only) modules not to the admin who runs the system.
Only allowing modules to be loaded from a secured area (read only
device, signed 'container' of modules...) and leaving it to the
admin which modules he puts into this area would address all the reasons
for this patch without taking power away from the owner of the system.

  Tom
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/