Re: malware defense

Daniel J Blueman (daniel.j.blueman@stud.umist.ac.uk)
Mon, 6 Dec 1999 10:23:36 -0000


Hi,

I think that one good partial solution to security with modules anyway could
be:

- extending the module (/binary?) format in 2.4/2.5 to include digital
  signatures
- digitally signing modules via an encrypted digest
- done by known, trusted organisation (e.g. Linus)
- possibly enforced for 2.4/2.5 - ultimately this is required
- integrated into the kernel
then
- modifying modutils
- add digital signature checking
- maybe refuse to load module unless overridden with some flag in e.g.
  /etc/modules.conf
- log all non-trusted loading of modules

This should work well, since the user will know whether the modules being
loaded are trusted or not.

I think this is a step in the right direction. Really, it shouldn't be hard
to implement, apart from encryption exporting, e.g. the need to use 40-bit
RSA encryption rather than 56-bit or 128-bit. IIRC there may have been a
change in US policy regarding encryption export recently. 40-bit is a
start anyway.

Maybe an interim bonus would be to add a module checksum or something to see
if it has been modified/hacked/infected, etc.

Any ideas?
__________________________
Daniel J Blueman
Undergraduate - BSc Computing Science
UMIST university - Manchester
Direct line: 0161 933 3569
Mobile: 07775 583766
Email: daniel.j.blueman@stud.umist.ac.uk
SMS: daniel.j.blueman@sms.genie.co.uk

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
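
The signed-digest check and load policy proposed in the message above, sketched as an added example that is not part of the original post and is not modutils or kernel code. Assumptions: RSA-2048 with SHA-256 and PKCS#1 v1.5 is chosen here, the names NewDemoKey, SignModule, CheckModule and allowUntrusted are hypothetical, and the module image and demo.o name are constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Decision struct {
	Load, Trusted bool
	Log           string // non-empty for every untrusted module
}

// NewDemoKey makes a throwaway signing key (constructed for this example).
func NewDemoKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// SignModule is the signer's side: an RSA signature over the module's digest.
func SignModule(priv *rsa.PrivateKey, image []byte) ([]byte, error) {
	digest := sha256.Sum256(image)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// CheckModule is the loader's side; allowUntrusted (hypothetical name) is the override flag.
func CheckModule(pub *rsa.PublicKey, name string, image, sig []byte, allowUntrusted bool) Decision {
	digest := sha256.Sum256(image)
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil {
		return Decision{Load: true, Trusted: true}
	}
	if allowUntrusted {
		return Decision{Load: true, Log: "untrusted module loaded by override: " + name}
	}
	return Decision{Log: "untrusted module refused: " + name}
}

func main() {
	priv, err := NewDemoKey()
	if err != nil {
		panic(err)
	}
	image := []byte("constructed module image") // stand-in for a module file
	sig, _ := SignModule(priv, image)
	tampered := append([]byte("X"), image...) // modified after signing
	fmt.Printf("%+v\n", CheckModule(&priv.PublicKey, "demo.o", image, sig, false))
	fmt.Printf("%+v\n", CheckModule(&priv.PublicKey, "demo.o", tampered, sig, false))
	fmt.Printf("%+v\n", CheckModule(&priv.PublicKey, "demo.o", tampered, sig, true))
}
```

A module with no signature at all takes the same untrusted path as one whose signature does not verify.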