Re: Thanks / was: RE: Checking integrity of /sbin/init from within kernel

[wojtek@ifirma.pl]

Thorsten,


I am afraid you may not have the last word and tell other people to shut
up.

>I could imagine a lot of methods for generating a kernel that is not
>trivial to disassemble from a binary though fully disclosed in
>source-code (the key is randomness), but I agree that this off course is
>breakable at the end, if the attacker has just enough skills and time.

Well, a general method is: you just use the kernel's own method of
unwrapping without the need to understand how it does the job. The
complexity of the process doesn't matter at all.

>What I don't understand is the negative position of most
>of the participants in this thread against this non-perfect
>but in my opinion well working and measurable security
>enhancement.

First you wanted to protect only the second link in the chain (init), then
you extended your idea to protect first two: kernel and init. This is of
limited applicability at best. And then you are suprised that nobody wants
to implement this for you for free. Give me, as they say, a break.

You just constantly refuse to accept the fact that many people don't share
your opinon that your enhancement is well working and messurable.

>I'll keep on searching for a programmer that's interested
>in this concept. :-)

Good luck. Once you are done, please share your results for exogenous
verification. You will find out who was correct.


Regards,
Wojtek