Roman Zippel [EMAIL PROTECTED] wrote:
On Thu, 15 Feb 2007, David Howells wrote:
This is really the weak point - it offers no advantage over an equivalent
implementation in user space (e.g. in the module tools). So why does it have
to be done in the kernel?
Because the init_module() system call
Hi!
Now, this is not a complete solution by any means: the core kernel is not
protected, and nor are /dev/mem or /dev/kmem, but it denies (or at least
controls) one relatively simple attack vector.
Could we fix the /dev/*mem holes, first? They are already used by
malicious modules (aka
The restricted dev/mem patches we've had in Fedora for a while
do the right thing, but they're a bit crufty (in part due to
drivers/char/mem.c being a bit of a mess before we even start
patching it). I've had "clean these up for upstream" on my
todo for a while. I might get around to it one
On Wed, 14 Feb 2007, David Howells wrote:
(1) A cut-down MPI library derived from GPG with error handling added.
Do we really need to add this?
Wouldn't it be much nicer to just teach people to use one of the existing
signature things that we need for _other_ cases anyway, and already have
Linus Torvalds [EMAIL PROTECTED] wrote:
(1) A cut-down MPI library derived from GPG with error handling added.
Do we really need to add this?
I presume you mean the MPI library specifically? If so, then yes. It's
necessary to do DSA signature verification (or RSA for that matter).
Michael Halcrow [EMAIL PROTECTED] wrote:
Right now, eCryptfs just delegates its modular exponentiation
operations to a userspace daemon. If RSA ever finds its way into the
kernel, I might tweak eCryptfs to use that instead for some of the
public key operations.
Am I right in thinking that
On Wed, Feb 14, 2007 at 09:59:37PM +, David Howells wrote:
Michael Halcrow [EMAIL PROTECTED] wrote:
Right now, eCryptfs just delegates its modular exponentiation
operations to a userspace daemon. If RSA ever finds its way into the
kernel, I might tweak eCryptfs to use that instead for
On Wed, 14 Feb 2007 19:09:38 + David Howells [EMAIL PROTECTED] wrote:
These patches provide a GPG-based kernel module signing facility. Their use
is not fully automated within the confines of the kernel build process because
it needs provision of keys from outside of the kernel before