Dailydave mailing list archives
Re: Default Deny on Executables
From: Dave Aitel <dave () immunitysec com>
Date: Wed, 14 Sep 2005 12:50:08 -0400
Andrew R. Reiter wrote:
You don't necessarily have to sign the whole file if you can sign sections (aka the text/data/global/etc segments) of it, or include a "these segments are signed and all others should be ignored" segment, that is itself signed by RH/Dell/etc.<snip>While this is on a different OS, I've seen numerous installer packages modify the binary being put onto the machine to include various information (OS version, arch, install time). So, if for any reason, there are installation packages that do modify ELF files (I've never looked into this), you might have issues. But I don't see this as a common thing to *nix -- though I've not looked into it.
-dave
Cheers,
Andrew
-------------------------------------------------------------
"Natural bridges on a clean west swell,
Break over the reef like a bat of out hell." -- Sublime.
Current thread:
- Re: Default Deny on Executables, (continued)
- Re: Default Deny on Executables Dave Aitel (Sep 14)
- Re: Default Deny on Executables miah (Sep 14)
- Re: Default Deny on Executables Simon B (Sep 14)
- Re: Default Deny on Executables Kurt Seifried (Sep 14)
- RE: Default Deny on Executables Sash (Sep 14)
- Re: Default Deny on Executables Eduardo Tongson (Sep 14)
- RE: Default Deny on Executables El Nahual (Sep 14)
- Re: Default Deny on Executables miah (Sep 14)
- Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
- RE: Default Deny on Executables El Nahual (Sep 14)
- Re: Default Deny on Executables Dave Aitel (Sep 14)
- Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
- Re: Default Deny on Executables Joel Eriksson (Sep 14)
- Re: Default Deny on Executables Blue Boar (Sep 14)
- Re: Re: Hacking's American as Apple Cider Jason Syversen (Sep 20)
- Science? (WAS: Hacking's American as Apple Cider) Barrie Dempster (Sep 21)