Date:      Thu, 03 Apr 2008 17:00:50 +0200
From:      Torfinn Ingolfsen <torfinn.ingolfsen@broadpark.no>
To:        freebsd-stable@freebsd.org
Subject:   Re: Digitally Signed Binaries w/ Kernel support, etc.
Message-ID:  <20080403170050.c0110778.torfinn.ingolfsen@broadpark.no>
In-Reply-To: <MDEHLPKNGKAHNMBLJOLKAEPLLJAC.davids@webmaster.com>
References:  <20080402203859.GB80314@slackbox.xs4all.nl> <MDEHLPKNGKAHNMBLJOLKAEPLLJAC.davids@webmaster.com>

On Thu, 03 Apr 2008 04:12:27 -0700
David Schwartz <davids@webmaster.com> wrote:

> He would face a chicken and egg problem. To make a signed executable
> to set his key to be accepted, he would need his key to already be
> accepted.

Uhm, if the attacker managed to get a hole in the system and get
in, he / she will surely manage to get the necessary tools (a signed
binary) onto the system. As an added bonus, this is a binary he
created himself, so it works with his key.

> However, I agree that this is kind of pointless. It's like adding
> extra locks to the back door when the front door is just as open.
> Once someone gets root, odds are they can exploit an executable --
> even if it's signed -- using the same process they used to get root
> in the first place.

Exactly. Please use the tools that are already available (securelevel
in this case) before thinking up new ones that FreeBSD might or might
not "need".

Just my 0.2 eurocents.
-- 
Regards,
Torfinn Ingolfsen



