Date: Wed, 21 May 2008 19:37:31 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-stable@FreeBSD.ORG Subject: Re: Digitally Signed Binaries w/ Kernel support, etc. Message-ID: <200805211737.m4LHbVuX023379@lurza.secnetix.de> In-Reply-To: <20080403170050.c0110778.torfinn.ingolfsen@broadpark.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry for replying to an old mail here, but there's an important point that was unanswered so far ... Torfinn Ingolfsen wrote: > David Schwartz wrote: > > > He would face a chicken and egg problem. To make a signed executable > > to set his key to be accepted, he would need his key to already be > > accepted. > > Uhm, if the attacker managed to get a hole in the sustem and get > in, he / she will surely manage to get the necessary tools (a signed > binrary) onto the system. As an added bonus, this is a binary he > created himself, so it works with his key. That wouldn't work. How is he going to sign a binary if he doesn't have the private key? When you set up a system with signed binaries, you usually store the private key somewhere else (on a floppy, USB stick or whatever). Maybe it could even be just a pass- phrase that only exists in the admin's mind, but not on any physical media. So an attacker _cannot_ create a binary with a valid signature. Of course, the kernel doesn't contain the private key either, because you only need the public key to verify the signature. I agree with Peter Wemm: There are legitimate uses for signed binaries. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "Life is short (You need Python)" -- Bruce Eckel, ANSI C++ Comitee member, author of "Thinking in C++" and "Thinking in Java"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200805211737.m4LHbVuX023379>