[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PREVIEW: bsign embeds hash and/or digital signature in ELF files



On Sun, Dec 13, 1998 at 09:18:00PM -0800, Stephen Zander wrote:
> >>>>> "Oscar" == Oscar Levi <elf@buici.com> writes:
>     Oscar> Someone else mentioned Tripwire.  What is it and where can
>     Oscar> I find it?  It is commercial?
> 
> As the sometime tripwire maintainer, it's in non-free. 

Just found it.  

It is used?  It looks kinda complex.  It has this idea of a 'valid'
snapshot that I don't really like.  I'd prefer to use a heuristic: all
files suid root and those in specified directories must be signed.
Or, all ELF files must be signed.

Anyway, I'm just kicking this around right now.  My original intention
was not to implement some sort of security tool.  It's a devilish
field since there's always someone out there with another way to foil
you. 

> -- 
> Stephen
> ---
> It should be illegal to yell "Y2K" in a crowded economy.  :-) -- Larry Wall


Reply to: