Re: [PATCH] signed binaries support [0/4]

From: Adrian Bunk
Date: Thu Jun 21 2007 - 12:17:54 EST

Next message: Stefan Richter: "Re: [PATCH] driver core: multithreaded probing - more parallelismcontrol"
Previous message: H. Peter Anvin: "Re: Adding subroot information to /proc/mounts, or obtaining thatthrough other means"
In reply to: Johannes Schlumberger: "[PATCH] signed binaries support [0/4]"
Next in thread: Alexander Wuerstlein: "Re: [PATCH] signed binaries support [0/4]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 21, 2007 at 05:55:16PM +0200, Johannes Schlumberger wrote:

> Hi,

Hi Johannes,

> We (two students of CS) built a system for signing binaries and verifying them
> before executing. Our main focus was to implement a way to inhibit execution
> of suid-binaries, which are not trustworthy (i.e. not signed).
>...

doesn't anyone who is able to install a not trustworthy suid-binary
already have the priviliges to do anything he wants to without requiring
an suid bit?

> regards,
> Johannes
>...

cu
Adrian

--

"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stefan Richter: "Re: [PATCH] driver core: multithreaded probing - more parallelismcontrol"
Previous message: H. Peter Anvin: "Re: Adding subroot information to /proc/mounts, or obtaining thatthrough other means"
In reply to: Johannes Schlumberger: "[PATCH] signed binaries support [0/4]"
Next in thread: Alexander Wuerstlein: "Re: [PATCH] signed binaries support [0/4]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]