[linux-elitists] System-wide certification key (equivalent of root access)
Fri Jan 18 11:13:27 PST 2002
On Fri, Jan 18, 2002 at 10:53:17AM -0800, Seth David Schoen wrote:
> So another possible application is setuid scripts.
A number of people have pseudo-working implementations for something
like this for Linux. Here are the different projects that I have seen
(none of them are public from what I can tell, so there's code for
people to play with, yet...)
- kernel can only load modules signed with a proper key.
  This keeps modules that are not "blessed" with a distro's key from
  being able to be loaded. Makes tech support much easier. Microsoft
  does much the same thing.
- kernel only executes binaries or scripts signed with a proper key.
  If the binary/script is not signed, then a host of options are
    - run the program with no privileges
    - don't run the program
    - run the program, but let someone know about it.
I had the second option working in a lab, but it was incredibly slow.
Wait, it did finally get released, see:
It uses gpg as a crypto library, which I proved is a _very_ bad thing to
do in kernel space (slow and leaks memory over time.)
I started to port the code to use the SSL library, but left WireX
before I finished it. Hopefully someone is still working on the code,
it's a great idea.
Hope this helps,
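The three choices for an unsigned binary or script listed in the message above, modelled in userspace as an added example (not part of the original message and not code from any of the projects it mentions). The function names, the detached FILE.sig convention, the use of `openssl dgst`, and the nobody/nogroup account names are assumptions made for this sketch.

```shell
#!/bin/sh
# Userspace model of an exec-time signature check (added example).
# POLICY mirrors the three options listed in the message:
#   deny   - don't run the program
#   nopriv - run the program with no privileges
#   audit  - run the program, but let someone know about it

# verify_sig PUBKEY FILE
# Succeeds only if FILE.sig (assumed naming convention) is a valid
# detached SHA-256 signature over FILE under the PEM public key PUBKEY.
verify_sig() {
    [ -r "$2.sig" ] || return 1
    openssl dgst -sha256 -verify "$1" -signature "$2.sig" "$2" >/dev/null 2>&1
}

# exec_decision POLICY PUBKEY FILE
# Prints what should happen to FILE: run, run-unprivileged, run-and-log, deny.
exec_decision() {
    policy=$1 pubkey=$2 file=$3
    if verify_sig "$pubkey" "$file"; then
        echo run
        return 0
    fi
    case $policy in
        nopriv) echo run-unprivileged ;;
        audit)  echo run-and-log ;;
        *)      echo deny ;;          # deny, or any unknown policy: fail closed
    esac
}

# signed_run POLICY PUBKEY FILE [ARGS...]
# Acts on the decision. Dropping privileges needs root and util-linux setpriv;
# the nobody/nogroup names are assumptions and differ between distributions.
signed_run() {
    policy=$1 pubkey=$2 file=$3
    shift 3
    case $(exec_decision "$policy" "$pubkey" "$file") in
        run)              "$file" "$@" ;;
        run-and-log)      logger -t signed_run "no valid signature: $file"
                          "$file" "$@" ;;
        run-unprivileged) setpriv --reuid=nobody --regid=nogroup \
                                  --clear-groups "$file" "$@" ;;
        *)                echo "signed_run: refusing $file" >&2
                          return 126 ;;
    esac
}
```

Called as `signed_run deny pub.pem ./prog args...`. Because the check and the exec are two separate steps on a path, a file replaced between them is not caught by this wrapper.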