How feasable would it be to digitally sign kernel modules? Using a trusted local private key, a module could be signed at compile time. The kernel could be patched to disallow any unsigned modules from loading. I have no idea if this is technically possible, but Knark seems to be a persistent weakness in security measures such as Tripwire. -------------- Sjarn Valkhoff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- Re: A question about Knark and modules Sjarn Valkhoff
- Re: A question about Knark and modules Ethan Benson
- Re: A question about Knark and modules Juha Jäykkä
- Re: A question about Knark and modules Ethan Benson
- Re: A question about Knark and modules Sjarn Valkhoff
- Re: A question about Knark and modules Ethan Benson
- Re: A question about Knark and modules Christian Jaeger
- Re: A question about Knark and modules Jim Breton
- Re: A question about Knark and modules Ethan Benson
- Re: A question about Knark and modules Ethan Benson
- Re: A question about Knark and modules Peter Cordes
