On Wed, Jan 16, 2013 at 02:24:50PM -0500, Mimi Zohar wrote: [..] > > > Sorry, this is out of scope for IMA. Dmitry has looked into this, but > > > I'm not sure where it stands at the moment. > > > > Ok, so that's one reason that why I wrote these patcehs. IMA currently > > is not doing following things to make sure address space of signed images > > is not modified by others. > > > > - Protecting against modifications to pages on swap. > > - Protecting against modifications by ptrace. > > - Protecting against modifications which bypassed filesystem and directly > > wrote to the block. > > > > Locking down all the pages of signed binaries in memory hopefully should > > solve above problems. > > Signing and verifying ELF executables goes back a long time ~2003/4, > from a number of esteemed kernel developers, including Greg-KH and Serge > Hallyn. > > IMA-appraisal isn't limited to appraising a single type of file, but is > a generic mechanism for appraising all files. If there are issues that > aren't being addressed, then by all means, please help by addressing > them. Duplicating a large portion of the code is not productive.
So do you have ideas on how to address above mentioned issues. Do they fit into the realm of IMA/EVM or I just need to write separate code (which I have already done). With above issues, IMA stuff for executable files sounds incomplete. Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
