Re: [ANNOUNCE] Release Digsig 1.5: kernel module for run-timeauthentication of binaries

Serge E. Hallyn wrote:
Quoting Arjan van de Ven (arjan@xxxxxxxxxxxxx):
A one time effort to write it *and sign it*.
you don't sign nor need to sign perl or bash scripts. Why would a loader
be written in ELF itself? There's absolutely no reason for that.

Yup, that's an unfortunate shortcoming. We'd been wanting to re-post to
lkml for a long time to get ideas to fix that.

I had an extension to digsig earlier which enabled signing shellscripts
using xattrs (just because it was a trivial task), but that's clearly
insufficient as it would catch "./myscript.pl" but not "perl
myscript.pl".

Another thing to do is to modify perl to verify signatures of
the scripts it's executing, sign *that* perl binary, and disallow
executing of unsigned perl scripts...

/mjt, who's joking only partially.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Relevant Pages

  • Re: newbie cspan example question
    ... A am real new to Perl. ... My background is Modula2 and Bash scripts. ... I love all the examples at CSPAN. ... There are also plenty of books, tutorials, and online documentation, along with the documentation that came along ...
    (comp.lang.perl.misc)
  • Re: Calling bash things inside perl script.
    ... who had literally mentored me in learning perl. ... I have bunch of this bash scripts which has lot of functions. ... I wanted to call and use them in a perl script.I am not sure how ...
    (perl.beginners)
  • Re: OT but: How to let Perl know of a library location
    ... MySQL 5, and PHP 5. ... configures loads of perl modules from CPAN. ... 12, referer: http://lmgkoha:8080/cgi-bin/koha/acqui.simple/addbiblio.pl ... executing ldd on the executable. ...
    (comp.unix.solaris)
  • Re: Scheduled tasks and shutdown.exe
    ... it is still executing. ... command "perl D:\ExtractPrices.pl" from a Command Prompt. ... Can you enter new commands while the Perl script executes? ... I am equally baffled by your statement "runs every time windows ...
    (microsoft.public.windowsxp.general)
  • Re: Array size limit in Perl
    ... The data format is as follows, ... And my perl code is as follows. ... Have you tried printing this string rather than just executing it, ... examine the sorted array. ...
    (perl.beginners)