Dailydave mailing list archives
Re: Default Deny on Executables
From: miah <miah () chia-pet org>
Date: Wed, 14 Sep 2005 12:28:33 -0400
On Wed, Sep 14, 2005 at 10:51:05AM -0500, El Nahual wrote:
There are couple of tools that do this, problem is most of them sign inside the binary which makes harder to actually put this kinda solution in mass production 8specially if you clone machines and that kinda stuff)
Why would that make it harder? Its not like the binary will have a different signature on each system, its going to be the same file. Look at it from a distro perspective. If Redhat were to sign all their binaries, the signature would be the same on each file on each installed system, and you'd be able to verify it actually came from Redhat by checking that signature and comparing it to Redhat's online database (if they had such a thing). RPM has that basic functionality built in, the RPM's are signed, and the rpm knows the md5sum of each file it contains, using RPM you can easily determine if a file owned by a RPM has been modified (so long as somebody hasn't modified the rpm database). -miah
Current thread:
- Re: Re: Hacking's American as Apple Cider, (continued)
- Re: Re: Hacking's American as Apple Cider pageexec (Sep 10)
- Re: Re: Hacking's American as Apple Cider Nick Drage (Sep 14)
- Re: Re: Hacking's American as Apple Cider pageexec (Sep 14)
- Re: Default Deny on Executables Dave Aitel (Sep 14)
- Re: Default Deny on Executables miah (Sep 14)
- Re: Default Deny on Executables Simon B (Sep 14)
- Re: Default Deny on Executables Kurt Seifried (Sep 14)
- RE: Default Deny on Executables Sash (Sep 14)
- Re: Default Deny on Executables Eduardo Tongson (Sep 14)
- Re: Re: Hacking's American as Apple Cider Nick Drage (Sep 14)
- Re: Re: Hacking's American as Apple Cider pageexec (Sep 10)
- RE: Default Deny on Executables El Nahual (Sep 14)
- Re: Default Deny on Executables miah (Sep 14)
- Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
- RE: Default Deny on Executables El Nahual (Sep 14)
- Re: Default Deny on Executables Dave Aitel (Sep 14)
- Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
- Re: Default Deny on Executables Joel Eriksson (Sep 14)
- Re: Default Deny on Executables Blue Boar (Sep 14)
- Re: Re: Hacking's American as Apple Cider Jason Syversen (Sep 20)
- Science? (WAS: Hacking's American as Apple Cider) Barrie Dempster (Sep 21)