[vox-tech] Linux file/module security proposal.
Wes Hardaker
wjhns156 at hardakers.net
Fri Aug 22 11:34:55 PDT 2008
>>>>> On Fri, 22 Aug 2008 09:37:44 -0700, Bill Broadley <bill at cse.ucdavis.edu> said:
BB> I meant via root. Does it work on your system by default?
Err... Not actually sure. I don't run SELinux by default since I have
a heavy development machine and it doesn't work perfectly (I'm a prime
example of someone who needs a better method for policy tweaking).
I suspect that there is a device I could write to that would let me
trump something in memory not assigned to the current process. But I'm
not a heavy kernel hacker ;-)
BB> The signed modules has an implementation, and doesn't require the
BB> reboots.
I think I've come off too negative, btw. I actually *do* want you to
succeed. I was trying to point out all the things that need to be
thought about :-) I do think they're all work-around-able. They just
all need to be done.
One more thought: are you going to allow people to generate private keys
for loading privately compiled modules (preferably offline or on a
different system)? IE, do you have any kernel modules loaded that
aren't distributed from your distro vendor? Things like self-compiled
vmware, nvidia, etc drivers need to be signed... If you only have a
distro key you've locked yourself out too (which is both good and bad).
--
"In the bathtub of history the truth is harder to hold than the soap,
and much more difficult to find." -- Terry Pratchett
More information about the vox-tech
mailing list