Date:	Tue, 24 Jun 2008 12:28:55 -0400
From:	david safford <safford@...son.ibm.com>
To:	Pavel Machek <pavel@....cz>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Mimi Zohar <zohar@...ux.vnet.ibm.com>,
	linux-kernel@...r.kernel.org, serue@...ux.vnet.ibm.com,
	sailer@...son.ibm.com, zohar@...ibm.com,
	Stephen Smalley <sds@...ho.nsa.gov>,
	CaseySchaufler <casey@...aufler-ca.com>
Subject: Re: [RFC][Patch 5/5]integrity: IMA as an integrity service provider

On Sat, 2008-05-31 at 09:54 +0200, Pavel Machek wrote:
> On Wed 2008-05-28 01:22:42, Andrew Morton wrote:
> > On Fri, 23 May 2008 11:05:45 -0400 Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:
> > 
> > > This is a re-release of Integrity Measurement Architecture(IMA) as an
> > > independent Linux Integrity Module(LIM) service provider, which implements
> > > the new LIM must_measure(), collect_measurement(), store_measurement(), and
> > > display_template() API calls. The store_measurement() call supports two 
> > > types of data, IMA (i.e. file data) and generic template data.
> ...
> ...also, it would be nice to see explanation 'what is this good for'.
> 
> Closest explanation I remember was 'it will protect you by making
> system unbootable if someone stole disk with your /usr filesystem --
> but not / filesystem -- added some rootkit, and then stealthily
> returned it'. That seems a) very unlikely scenario and b) probably
> better solved by encrypting /usr.
> 							Pavel

Sorry about this delayed response - we are about to repost for RFC, and
noticed we missed responding to this.

You are thinking about a related project, EVM, which HMACs a file's
metadata to protect against off-line attacks (which admittedly
many users are not concerned about).

This submission, IMA, provides hardware (TPM) based measurement and
attestation, which measures all files before they are accessed in
any way (on the inode_permission, bprm and mmap hooks), and
commits the measurements to the TPM. The TPM can sign these 
measurement lists, and thus the system can prove to itself and
to a third party these measurements in a way that cannot be
circumvented by malicious or compromised software. IMA is just one
part of integrity detection, as it does not detect purely in-memory
attacks, such as worms. 

dave safford
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
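To make the measurement-and-attestation flow in Dave's reply concrete, here is an added example (not code from this thread or from the IMA project) that simulates the defender's side of it: each measured file yields a template hash, the hashes are extended into a TPM PCR, and a verifier holding the TPM-signed PCR value replays the measurement list to check it. The PCR-10 index and the extend rule PCR' = SHA1(PCR || digest) match TPM 1.2 era IMA; the template contents, the list layout and the sample files are constructed simplifications, and `verify_list`/`demo` are names chosen for this example.

```python
"""Simulated IMA measurement list and TPM PCR replay check (added example).

Assumptions (constructed for this example, not the real IMA formats):
  - template hash = SHA1(file_hash || pathname)
  - a measurement entry is (pcr_index, template_hash, pathname, file_hash)
  - 'signed_pcr' stands in for a TPM quote over PCR 10
"""
import hashlib
from typing import List, Tuple

PCR_INDEX = 10               # IMA extends its measurements into PCR 10
PCR_INITIAL = b"\x00" * 20   # TPM 1.2 PCRs start as 20 zero bytes (SHA-1)

Entry = Tuple[int, bytes, str, bytes]


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def template_hash(file_hash: bytes, pathname: str) -> bytes:
    """Constructed template: SHA-1 over file hash and pathname."""
    return sha1(file_hash + pathname.encode())


def measure(files: List[Tuple[str, bytes]]) -> List[Entry]:
    """Kernel side: measure each file before it is used and record an entry."""
    entries = []
    for pathname, content in files:
        fh = sha1(content)
        entries.append((PCR_INDEX, template_hash(fh, pathname), pathname, fh))
    return entries


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM_Extend: new PCR value = SHA1(old PCR || digest). Order matters and
    the operation cannot be undone, which is what makes the list tamper-evident."""
    return sha1(pcr + digest)


def replay(entries: List[Entry]) -> bytes:
    """Recompute the PCR value that extending every entry in order would produce."""
    pcr = PCR_INITIAL
    for _, th, _, _ in entries:
        pcr = extend(pcr, th)
    return pcr


def verify_list(entries: List[Entry], signed_pcr: bytes) -> bool:
    """Verifier side (local or third party): every entry must be internally
    consistent, and replaying the list must land on the TPM-signed PCR value.
    Editing, dropping or reordering entries after the fact breaks one of the two."""
    for pcr_idx, th, pathname, fh in entries:
        if pcr_idx != PCR_INDEX or template_hash(fh, pathname) != th:
            return False
    return replay(entries) == signed_pcr


# Constructed sample "files"; contents are placeholders, not real binaries.
CONSTRUCTED_FILES = [
    ("/sbin/init", b"#!/bin/sh\nexec /bin/real-init\n"),
    ("/lib/libc.so", b"\x7fELF" + b"\x00" * 16),
    ("/usr/bin/login", b"\x7fELF" + b"login v1"),
]


def demo() -> Tuple[bool, bool, bool]:
    """Returns (genuine list verifies, edited entry detected, dropped entry detected)."""
    entries = measure(CONSTRUCTED_FILES)
    signed = replay(entries)            # stands in for the TPM quote over PCR 10

    genuine_ok = verify_list(entries, signed)

    # Someone rewrites the recorded file hash of one entry after measurement.
    edited = list(entries)
    p, th, name, _ = edited[2]
    edited[2] = (p, th, name, sha1(b"something else"))
    edited_ok = verify_list(edited, signed)

    # Someone removes an entry to hide that a file was ever measured.
    dropped_ok = verify_list(entries[:-1], signed)

    return genuine_ok, edited_ok, dropped_ok


if __name__ == "__main__":
    print(demo())
```

The point the email makes is visible in `verify_list`: the software that produced the list cannot make a tampered list agree with the PCR, because only the TPM holds the extended value and the extend operation is one-way. What the check cannot see is a process that is modified in memory after its file was measured, which is the limitation the reply notes.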
