Date: Tue, 31 Jul 2012 21:29:56 +0300 From: Efstratios Karatzas <gpf.kira@gmail.com> To: soc-status@freebsd.org Subject: Kernel Level File Integrity Checker report #10 Message-ID: <CAHywV0iodgZ1boOihw72CS0Q5Qgsj=Ti-s0tPwBsELpg0Stp1g@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
During week #10: * /sbin/pefs 'nameid': prints the name id (MAC) for a file in pefs filesystem. This identifier is used instead of inode number when looking up files in .pefs.checksum so it should prove useful when user has to decipher cryptic error messages. Next tasks on the TODO list: After a talk with my mentor, verifying .pefs.checksum in kernel level is pushed to the end of my TODO list since there is no asymmetric crypto support in the FreeBSD kernel and I would have to port parts from a different library or module to the FreeBSD kernel. There are a few minor changes that need to be done at the /sbin/pefs codebase but for the moment, I'm switching to the last major TODO of my project which is altering securelevel and perhaps rtld so that only executables with schg flag set are allowed execution. -- Efstratios "GPF" Karatzas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHywV0iodgZ1boOihw72CS0Q5Qgsj=Ti-s0tPwBsELpg0Stp1g>