[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Checking integrity of /sbin/init from within kernel

To: Torsten Valentin <winsock2@musiker.de>
Subject: Re: Checking integrity of /sbin/init from within kernel
From: Jan Wildeboer <jan.wildeboer@gmx.de>
Date: Tue, 01 Oct 2002 11:09:49 +0200
Cc: "'Otto Moerbeek'" <otto@drijf.net>, misc@openbsd.org
References: <003701c26927$90c02df0$02a9a8c0@valentin>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1) Gecko/20020826

Torsten Valentin wrote:

> For my purposes and in my scenario it will improve security.

It will not. If there is a risk of someone taking your server offline, 
opening the case, getting the HD out, modify the contents, put it back 
in the case, getting it back online without anyone noticing you have a 
lot of other problems ;-)

> My method
> is to give the kernel a new variable with a signature in it that I have
> created before compiling my /sbin/init. Then I make my /sbin/init so
> that it checks for the signature in the kernel (similar to `sysclt
> kern.mysignature`). If the signature is correct, we are running "my"
> kernel.

That will only work if the signature is stored in a secure place. If it 
is on the same HD it is not secure. I could update the signature before 
putting the HD back.

> I think it's a huge improvement in security!

I think it's not ;-)

Jan Wildeboer

References:
- Re: Checking integrity of /sbin/init from within kernel
  - From: "Torsten Valentin" <winsock2@musiker.de>

Prev by Date: Re: Checking integrity of /sbin/init from within kernel
Next by Date: Re: Kernel-option for quiet booting?
Prev by thread: Re: Checking integrity of /sbin/init from within kernel
Next by thread: Re: Checking integrity of /sbin/init from within kernel
Index(es):
- Date
- Thread