lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTik6Ww6zM2LaNzgX5TSGOaxnK-VLQNVP-D0dtVJi@mail.gmail.com>
Date:	Fri, 4 Jun 2010 23:47:24 +0500
From:	Shaz <shazalive@...il.com>
To:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc:	Dmitry Kasatkin <dmitry.kasatkin@...ia.com>,
	James Morris <jmorris@...ei.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-security-module@...r.kernel.org" 
	<linux-security-module@...r.kernel.org>,
	David Safford <safford@...son.ibm.com>,
	Dave Hansen <dave@...ux.vnet.ibm.com>,
	Arjan van de Ven <arjan@...radead.org>,
	securityengineeringresearchgroup 
	<securityengineeringresearchgroup@...glegroups.com>
Subject: Re: [PATCH 00/14] EVM

On Fri, Jun 4, 2010 at 8:09 PM, Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:
> On Fri, 2010-06-04 at 11:53 +0500, Shaz wrote:
>> > Yes, verifying one file containing the hashes would be faster than
>> > verifying individual hashes stored as extended attributes (xattrs), but
>> > this does not take into account that files on a running system are being

What if the sensitive files (binary or data) are compared with IMA
measurements after trusted boot or at anytime a stakeholder wants to?
The comparisons made with IMA will be the sha1 (or ....) of the files
stored in that one verification file. The stakeholder's key determines
which measurements can be compared by her (privacy protection and
confidentiality). Better use this key for an equivalence mechanism for
the factor of performance. The stakeholder's key as an identity can
help to make remote attestation more sensible as well. And here you
will be moving towards TCG MPWG standards .....

Combine this with SELinux or some RBAC mechanism and hopefully you
will get something closer to what MeeGo is trying to achieve. Consider
a trusted package manager with a registry sort of functionality for
files and it's owners and users and you've got a complete solution.

The worst part is that achieving performance is tough, while space is
not a serious issue.

>> > modified or added. On a small form factor, the number of files is
>> > limited, but would this scale well? In addition, what protects that one
>> > file containing all the hashes from being modified?  So, if you limit


-- 
Shaz
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ