> On Fri, 3 Dec 1999, Jeffrey B. Siegal wrote:
>
> > > How do you protect against corruption/replacement of the daemon software
> > > that checks the images?
> >
> > Keep it in physically unwritable media, like a CD-R in a CD-ROM drive.
I think it should be placed in a a phisically
unwritable memory (ROM), or you can kill the daemon
and simply start another one.
I once had a diskless machine running from a
customized rh4.0 cd image that was compromised, and found the
running named very different from the one on the cd...
If you sign binaries and make the kernel validate
them at every run, you bind them to the kernel.
This way you can't change one component without
changing all of them. This raises the security barrier,
if the kernel knows the public key only and
the private one is (say) on a separate, offline developement
machine.
--Gio'
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/