[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security

Guenter Roeck linux at roeck-us.net
Fri Jun 29 17:31:11 UTC 2012

On Fri, Jun 29, 2012 at 06:59:32PM +0200, Jiri Kosina wrote:
> On Fri, 29 Jun 2012, Guenter Roeck wrote:
> > > > As far as I know, secure boot is not only for booting but it also
> > > > including authentication of all executable binaries include
> > > > applications. Thus, the user can't execute any untrusted (not-signed)
> > > > binary and programs, as like as viruses, (unauthenticated:))malwares.
> > > 
> > > No, it doesn't imply any signing of userspace.
> > > 
> > Are there any plans to add support for signed binaries, similar to what
> > the digsig module used to provide ?
> I highly doubt that this will be useful in practice.
> - how about all the interpreted stuff (bash, perl, awk, ...)? I don't 
>   think you can get rid of those completely except for very very 
>   specialized systems (and those you can often just have on some R/O only 
>   media anyway)
> - hooking execve() definitely is not enough, you'd have to have a complete 
>   support in the userspace toolchain (think of dlopen(), or dynamic 
>   linking in general)
> - you'd forbid strace() completely on such system, right?

The requirement I have to address is "We have implemented support for signed
executables in OS XXX, and want to have the same functionality in Linux".
I am not in a position to know or understand the scope of that existing
implementation, nor did I spend any time looking into details of the digsig
implementation, nor into Greg KH's implementation from several years ago.
That will take another month or two.

My question right now is if there is interest in support for signed executables
beyond my own or, rather, the company or companies I might represent in the
future. If there is, it might be worthwhile discussing the options, as I would
prefer an upstream solution over a local one. If not, never mind ;).
