Dailydave mailing list archives
Re: Default Deny on Executables
From: "Andrew R. Reiter" <arr () watson org>
Date: Wed, 14 Sep 2005 12:41:27 -0400 (EDT)
On Wed, 14 Sep 2005, miah wrote: :On Wed, Sep 14, 2005 at 10:51:05AM -0500, El Nahual wrote: :> There are couple of tools that do this, problem is most of them sign inside :> the binary which makes harder to actually put this kinda solution in mass :> production 8specially if you clone machines and that kinda stuff) : :Why would that make it harder? Its not like the binary will have a :different signature on each system, its going to be the same file. Look :at it from a distro perspective. If Redhat were to sign all their :binaries, the signature would be the same on each file on each installed :system, and you'd be able to verify it actually came from Redhat by :checking that signature and comparing it to Redhat's online database (if :they had such a thing). : :RPM has that basic functionality built in, the RPM's are signed, and the :rpm knows the md5sum of each file it contains, using RPM you can easily :determine if a file owned by a RPM has been modified (so long as somebody :hasn't modified the rpm database). : While this is on a different OS, I've seen numerous installer packages modify the binary being put onto the machine to include various information (OS version, arch, install time). So, if for any reason, there are installation packages that do modify ELF files (I've never looked into this), you might have issues. But I don't see this as a common thing to *nix -- though I've not looked into it. Cheers, Andrew ------------------------------------------------------------- "Natural bridges on a clean west swell, Break over the reef like a bat of out hell." -- Sublime.
Current thread:
- Re: Re: Hacking's American as Apple Cider, (continued)
- Re: Re: Hacking's American as Apple Cider Nick Drage (Sep 14)
- Re: Re: Hacking's American as Apple Cider pageexec (Sep 14)
- Re: Default Deny on Executables Dave Aitel (Sep 14)
- Re: Default Deny on Executables miah (Sep 14)
- Re: Default Deny on Executables Simon B (Sep 14)
- Re: Default Deny on Executables Kurt Seifried (Sep 14)
- RE: Default Deny on Executables Sash (Sep 14)
- Re: Default Deny on Executables Eduardo Tongson (Sep 14)
- Re: Re: Hacking's American as Apple Cider Nick Drage (Sep 14)
- RE: Default Deny on Executables El Nahual (Sep 14)
- Re: Default Deny on Executables miah (Sep 14)
- Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
- RE: Default Deny on Executables El Nahual (Sep 14)
- Re: Default Deny on Executables Dave Aitel (Sep 14)
- Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
- Re: Default Deny on Executables Joel Eriksson (Sep 14)
- Re: Default Deny on Executables Blue Boar (Sep 14)
- Re: Re: Hacking's American as Apple Cider Jason Syversen (Sep 20)
- Science? (WAS: Hacking's American as Apple Cider) Barrie Dempster (Sep 21)