Date: Mon, 23 Oct 2017 18:28:02 -0400 From: Eric McCorkle <eric@metricspace.net> To: Ian Lepore <ian@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@FreeBSD.org>, freebsd-security@freebsd.org, freebsd-arch@freebsd.org Subject: Re: Trust system write-up Message-ID: <e4fb486c-fe8a-571e-8c95-f5f68c44b77c@metricspace.net> In-Reply-To: <1508775285.34364.2.camel@freebsd.org> References: <1a9bbbf6-d975-0e77-b199-eb1ec0486c8a@metricspace.net> <1508775285.34364.2.camel@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/23/2017 12:14, Ian Lepore wrote: > Any thoughts on how to validate executables which are not elf binaries, > such as shell scripts, python programs, etc? I hadn't really thought in depth about it, as my main initial goal is signed kernel/modules, but I have given it some thought... Arguably the "right" way to do it would be to have the signing mechanism be part of the platform. For example, the JVM has conventions for jar signing. Not clear how this relates to shell scripts though. An alternative is something like the NetBSD veriexec framework, where there's MACs for specific files. That stuff is mostly orthogonal to the public-key approach I'm working on here, but there's possibly some interplay.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e4fb486c-fe8a-571e-8c95-f5f68c44b77c>