Re: Checking integrity of /sbin/init from within kernel
So I just install a stock kernel and /sbin/init then?
> So back to my questions: How hard is this to achieve and whom can I ask
> to do it? Does anyone know of anybody who is interested in that kind of
> kernel hacking that he'd want to do the code for this?
You have to build MD5/SHA1/whatever routines into the kernel so it can
create the signature. You have to build logic to read /sbin/init, generate
the sum and compare it to the hardlinked value. Unless you send a good chunk
of money to an OpenBSD developer I don't think it'll happen, and I certainly
don't see it being included in the "official" source code.
Unless you obfuscate the signature I can edit the kernel with a hex editor,
modify the sum, and then modify /sbin/init (which I doubt has a good
protection mechanism for the sum it stores).
Or I can load a standard kernel/init and ignore all this.
If the attacker has the capability of modifying /sbin/init or /bsd they can
likely circumvent any protection you can come up with on your own.
Building trusted operating systems is pretty darn non-trivial.
What I would suggest is learning about the magic of systrace, that will
probably do more to improve your actual security than anything else (apart
from keeping the system up to date of course).
Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/