Patrick Valsecchi
Thu, 21 Jun 2001 14:12:44 -0700
Hi My company is working for another company (let call it C) that is going to provide Linux boxes to its customers. As C is going to give them free or for a small fee, C doesn't want the customers to use the boxes for another purpose that the one specified by C. C doesn't want the user to be able to: - run another kernel than the one S provides - run executables that have not been signed by authorized developpers or that have been modified (signed executables) - change or alter the dynamic libraries (signed .so files) - have access to the binary of some executables (for avoiding reverse engineering) - save a file and give the disk to a friend (encrypted files, but I need to be fast on read and write, here) All that by using: - a SmartCard - a modified kernel - a specialised hardware for encryption - maybe a modified loader (lilo) And that mustn't be just simple tricks, we must protect those boxes against very skilled hackers. Is there existing projects on those subjects? Is anybody already worked on it? Thanks for your help. --- -°) Patrick Valsecchi /\\ _\_v *************************************************************** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***************************************************************