Makeing Debian more secure - sign binaries with elfsign?

To: debian-qa@lists.debian.org
Subject: Makeing Debian more secure - sign binaries with elfsign?
From: Andreas Kotes <count-debian@flatline.de>
Date: Fri, 30 Apr 2004 15:25:59 +0200
Message-id: <[🔎] 20040430132559.GD32471@aleph.flatline.priv>

Hello!

I've stumbled over elfsign (on http://www.hick.org/code.html) a while
ago, which is a tool that allows cryptographic in-file signing of the
executable and other parts of ELF binaries. I've been pondering about
this for a while, and keep on thinking that this would be a great idea
for distributions like Debian etc. ...

I'd love to have some discussion about this approaches here, before
taking it to individual developers or to the policy team ..

What do you think? Signed binaries instead of tools like tripwire or
aide et all?

There is a tool (elfcmp) which allows to compare on-disk and in-memory
ELF files, too ...

Kind regards,

   Count

-- 
Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine!
Follow the path of the unsafe, independent thinker. Expose your ideas to the
danger of controversy. Speak your mind and fear less the label of "crackpot"
than the stigma of conformity. (Thomas J. Watson) ### OpenPGP key 0x8F94C228

Reply to:

Prev by Date: Bug#246684: packages.qa.debian.org do not updating information about search-citeseer
Next by Date: Bug#246684: packages.qa.debian.org do not updating information about search-citeseer
Previous by thread: Bug#246684: packages.qa.debian.org do not updating information about search-citeseer
Next by thread: DEHS source code available on alioth
Index(es):
- Date
- Thread