Crypto verification of Kernel against Trojan code??

Timothy Covell (timothy.covell@ashavan.org)
Thu, 3 Jan 2002 10:00:28 -0600


On Thursday 03 January 2002 06:35, Alan Cox wrote:
> > binary may have bugs, security holes, race conditions etc; it may be
> > hacked post boot (not so easy to do to the live kernel image), etc
>
> Just like the kernel, only the binary is a little less dangerous. Hacking
> live kernel images is trivial also btw. There are tools for it.

And that brings me to my crazy thought for the day. System.map is
what it says, a map of the system. Would it make any sense to compute
an md5 hash on it and use it as a means of verifying that the kernel is
clean from tampering? (That's assuming that the hackers didn't replace
syscalls with a trojan with exactly the same size and same location.)

-- 
timothy.covell@ashavan.org.
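
The caveat in the message above, as an added example that is not part of the original post: a digest of System.map covers only symbol names and addresses, so a same-size, same-location replacement leaves it unchanged, while hashing the code bytes between symbols does not. The map contents, the 48-byte image and the helper function names are constructed for illustration.

```python
import hashlib

# Constructed sample in System.map format: "<hex address> <type> <symbol>".
SYSTEM_MAP = """\
c0100000 T _text
c0100010 T sys_read
c0100020 T sys_write
c0100030 A _etext
"""
BASE = 0xC0100000
# Constructed 48-byte "kernel text". The patched copy alters the bytes of
# sys_write without changing its size or its location.
CLEAN = bytes(range(48))
PATCHED = CLEAN[:0x20] + b"\xff" * 16

def parse_map(text):
    """Return [(address, symbol)] sorted by address."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            rows.append((int(parts[0], 16), parts[2]))
    return sorted(rows)

def map_digest(text):
    """MD5 of the map file itself, as the message proposes."""
    return hashlib.md5(text.encode()).hexdigest()

def function_digests(image, base, symbols):
    """Hash the bytes between each symbol and the one that follows it."""
    out = {}
    for (start, name), (end, _) in zip(symbols, symbols[1:]):
        out[name] = hashlib.md5(image[start - base:end - base]).hexdigest()
    return out

def changed_functions(map_text, base, reference, observed):
    """Symbols whose code bytes differ between two images."""
    syms = parse_map(map_text)
    ref = function_digests(reference, base, syms)
    obs = function_digests(observed, base, syms)
    return sorted(name for name in ref if ref[name] != obs[name])

if __name__ == "__main__":
    # The map digest does not depend on the image, so it is the same for both.
    print("map digest:", map_digest(SYSTEM_MAP))
    print("changed:", changed_functions(SYSTEM_MAP, BASE, CLEAN, PATCHED))
```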