Re: PREVIEW: bsign embeds hash and/or digital signature in ELF files
On Mon, Dec 14, 1998 at 12:40:46AM +0100, Wichert Akkerman wrote:
> Previously Oscar Levi wrote:
> > I'm posting this notice to let interested folks try it out. I have
> > done enough testing to believe that it correctly rewrites executables
> > and shared libraries. It handles soft links correctly. It returns
> > appropriate result codes when used for hash/signature verification.
>
> This is very interesting! Could you use it on installed binaries to
> sign them, so you can verify them at a later stage? Does it also work
> for shared libraries?
Indeed. I like it because it could be something we do as part of the
deb creation process. Albeit, signatures are not the raison d'etre
[pardon my French] for bsign, but it is a useful extension of the
original idea. In fact, we can sign everything. I intend to add
script files, too. These are much simpler than binaries, so I'm doing
them later. Remember that the original reason for bsign was to detect
subtle hard disk failures that RAID does not catch.
> This sounds like a very usefull tool which can be used as an alternative
> to tripwire.
Someone else mentioned Tripwire. What is it and where can I find it?
It is commercial?
>
> Wichert.
>
> --
> ==============================================================================
> This combination of bytes forms a message written to you by Wichert Akkerman.
> E-Mail: wakkerma@cs.leidenuniv.nl
> WWW: http://www.wi.leidenuniv.nl/~wichert/
Reply to: