Date: Tue, 17 Jul 2012 17:00:24 +0300 From: Efstratios Karatzas <gpf.kira@gmail.com> To: soc-status@freebsd.org Subject: Kernel Level File Integrity Checker report #8 Message-ID: <CAHywV0g2h0pWpAJBSFsFpe7DT7sVuvTtTSZPd2Waurrq=q_p2g@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
During week #8: * clean up the codebase * midterm eval * checksums are now produced in kernel land during VOP_READ() and checked against the ones from .pefs.checksum. If they don't match, we deny reading access to that vnode. Next tasks on the TODO list: * research/implement signing .pefs.checksum and verifying that signature during `/sbin/pefs verify` as well as during VFS_MOUNT(). * require that immutable flags are set for all files that require integrity checking. this should be checked both by /sbin/pefs and in kernel when a vnode is looked up in index tables to see if it requires integrity checking. Also, add an option to `/sbin/pefs addchecksum` to set immutable flags for all files in input list, in case they are not already set. -- Efstratios "GPF" Karatzas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHywV0g2h0pWpAJBSFsFpe7DT7sVuvTtTSZPd2Waurrq=q_p2g>