[prev in list] [next in list] [prev in thread] [next in thread]
List: opensolaris-security-discuss
Subject: Re: [security-discuss] Limiting setuid/setgid executions to signed
From: Roland Mainz <roland.mainz () nrubsig ! org>
Date: 2007-08-18 6:17:09
Message-ID: 46C68EE5.31AF836E () nrubsig ! org
[Download RAW message or body]
Darren J Moffat wrote:
> Roland Mainz wrote:
> > While playing around with "elfsign"&co. I had an idea - would it be
> > usefull to limit the execution of setuid/setgid executables to signed
> > elf binaries where the signature have to match a predefined list in the
> > kernel ?
> >
> > At least it would close the hole that hackers may create their own
> > versions of setuid/setgid executables and implement backdoors that way
> > for later usage...
>
> We have certainly considered that type of system operation and I hope
> that soon we will have some information on the "Signed Execution"
> project put up on opensolaris.org.
[snip]
Any news about that project ?
----
Bye,
Roland
--
__ . . __
(o.\ \/ /.o) roland.mainz@nrubsig.org
\__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer
/O /==\ O\ TEL +49 641 7950090
(;O/ \/ \O;)
_______________________________________________
security-discuss mailing list
security-discuss@opensolaris.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic