l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2008 Aug 21 18:33

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Linux file/module security proposal.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Linux file/module security proposal.

>>>>> On Thu, 21 Aug 2008 10:16:03 -0700, Bill Broadley <bill@cse.ucdavis.edu> said:

>> Well, it all comes down to how much of the system the hacker owns.  If
>> he has root on your machine he's likely inserted a kernel module to hide
>> things or change things 

BB> Right, but if the kernel only accepts signed binaries then he can't.

Ah, yes...  I agree.  I even know it's been done.  The problem is that
it's not generally deployed :-(

You need:

  - A kernel that only accepts signed modules
  - A system that protects the file system where kernel components and
    keys are installed (or else all it takes is a reboot)
  - A system that protects the memory

So, all of those have been done.  SELinux brings a lot of it to the
table that is needed, in fact, and I know there has been a lot of work
to ensure kernels only load signed modules.

Unfortunately, I don't think most people have half of what they need
turned on in order to accomplish the above.

(I know I'm sounding pessimistic...  In part because I've looked at
doing something like this before.  It's a lot of work when you get down
to the nitty-gritty.  You're right, though, that it should be possible
in theory.)

Personally, I think it might be easier to do only-loading-of-modules
from R/O media that are created on a different system and have the key
systems all boot from CDROM or something.  That way you don't need to
worry quite as much about all the security policies being written perfectly.

"In the bathtub of history the truth is harder to hold than the soap,
 and much more difficult to find."  -- Terry Pratchett
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.