Date: Fri, 15 Nov 1996 10:01:10 -0600 From: jlemon@americantv.com (Jonathan Lemon) To: dyson@freebsd.org Cc: rob@xs1.simplex.nl (Rob Simons), hackers@freebsd.org Subject: Re: Q: system specific binaries Message-ID: <199611151601.QAA05023@right.PCS> In-Reply-To: <199611151543.KAA01199@dyson.iquest.net>; from John S. Dyson on Nov 15, 1996 10:43:10 -0500 References: <199611151329.OAA00724@xs1.simplex.nl> <199611151543.KAA01199@dyson.iquest.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Does anyone have any experience with customising FreeBSD so that only > > binaries which are compiled on a system itself will actually run on > > that system ? > > So the local compiler has to give a key to each binary when it's > > compiled, and when executed there'd be a check for that key. ? > > That way only people who have access to the compiler may generate > > binaries, and no 'foreign' binaries will be executed by the syetem. > > > > If this is too easy to break, is there perhaps a way to specify > > from which directories binaries may be executed ? > > > Perhaps, formulate a system whereby the flags bits on a file are used > in some way... Note that I am not talking about the "protection" bits, > but there is another group of interesting things called flags bits that > can be placed only under the control of the kernel. Just a thought. > > (Perhaps an "annoint" command???) Now, why does this remind me of nettrek's "blessed" binaries? -- Jonathan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611151601.QAA05023>