From: Mike Meyer
Date: Sun, 2 Sep 2007 13:47:19 -0400
To: freebsd-hackers@freebsd.org
Subject: Re: Exclusive binary files

On Sun, 2 Sep 2007 12:45:09 +0200 Joerg Sonnenberger wrote:
> On Sat, Sep 01, 2007 at 06:30:20PM -0400, Mike Meyer wrote:
> > On Sat, 1 Sep 2007 14:27:42 -0300 "Klaus Schneider" wrote:
> > > Well, anybody know a way to make the FreeBSD run just binaries that I have
> > > compiled?
> >
> > In general, it's impossible. There's no way the system can know that
> > you compiled a binary. There are a number of things you could do with
> > a custom kernel and toolchain to indicate that you compiled the binary
> > (like Peter's changing of ELF OSABI), but that's just security through
> > obscurity. If someone figures out those changes and replicates them,
> > you lose.
>
> You mean using cryptographic hashes to ensure that binaries match those
> you compiled is impossible? Something like NetBSD's veriexec?

Yes, that's possible, but "don't execute binaries I don't tell you are
ok" is not (quite) the same thing as "don't execute binaries I
compiled" or "don't execute binaries I didn't sign" or "don't execute
....".

There are a number of things possible that are close to what he asked
for, with different strengths and weaknesses. Valid responses include
listing all of them, or guessing at his requirements and providing the
best solution for the guess. However, I suspect that all those
solutions are a lot more painful than solving whatever issues keep him
from mounting his user partition noexec, so I chose another valid
response, and asked for more information about his requirements.

http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.
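
The distinction drawn in the message above, as an added example that is not part of the original message or of any veriexec implementation: a fingerprint allowlist approves file contents that the administrator listed, and knows nothing about who compiled them. The file names and the `build_manifest`/`may_execute` helpers are hypothetical, and this userland sketch only models the policy decision, not in-kernel enforcement at exec time.

```python
"""Userland sketch of a fingerprint allowlist (the policy behind hash-based exec checks)."""
import hashlib
import os
import tempfile


def fingerprint(path):
    """Return the SHA-256 hex digest of the file's contents."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(paths):
    """Record the approved fingerprint for each path the administrator lists."""
    return {os.path.realpath(p): fingerprint(p) for p in paths}


def may_execute(path, manifest):
    """Allow only if the path is listed and its contents still match the record."""
    expected = manifest.get(os.path.realpath(path))
    return expected is not None and expected == fingerprint(path)


def demo():
    """Constructed files stand in for binaries; returns the three decisions."""
    with tempfile.TemporaryDirectory() as d:
        mine = os.path.join(d, "built-here")        # compiled locally, never listed
        vendor = os.path.join(d, "from-elsewhere")  # not compiled locally, but listed
        for p, data in ((mine, b"local build\n"), (vendor, b"vendor build\n")):
            with open(p, "wb") as f:
                f.write(data)
        manifest = build_manifest([vendor])
        listed_ok = may_execute(vendor, manifest)   # approved because it was listed
        unlisted = may_execute(mine, manifest)      # denied although built locally
        with open(vendor, "ab") as f:               # contents change after approval
            f.write(b"patched\n")
        modified = may_execute(vendor, manifest)    # denied: fingerprint mismatch
        return listed_ok, unlisted, modified


if __name__ == "__main__":
    print(demo())
```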