| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Jun 2007 18:29:17 +0200 From: Alexander Wuerstlein <arw@....name> To: Adrian Bunk <bunk@...sta.de> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH] signed binaries support [0/4] On 070621 18:19, Adrian Bunk <bunk@...sta.de> wrote: > On Thu, Jun 21, 2007 at 05:55:16PM +0200, Johannes Schlumberger wrote: > > > Hi, > > Hi Johannes, > > > We (two students of CS) built a system for signing binaries and verifying them > > before executing. Our main focus was to implement a way to inhibit execution > > of suid-binaries, which are not trustworthy (i.e. not signed). > >... > > doesn't anyone who is able to install a not trustworthy suid-binary > already have the priviliges to do anything he wants to without requiring > an suid bit? Yes, quite correct in most cases. But if you have taken control of a computer on of the more common ways to keep the control for some time is the installation of a suid-binary (e.g. as part of a rootkit). One could also imagine a scenario where an attacker controls some filesystems (on external storage perhaps) where he can of course manipulate the suid bit, but he does not have direct control over the attacked system unless he can execute that file. Ciao, Alexander Wuerstlein. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists