[cgl_discussion] New reference for CON 6.0 requirement
Makan.Pourzandi at ericsson.ca
Mon Sep 29 14:25:31 PDT 2003
There is a new reference for CON 6.0 "secure integrity verification of
binaries before loading them":
http://sourceforge.net/projects/disec/, the digsig-0.2 package. We
implemented a kernel module using LSM hooks for 2.5.66 and higher which
verifies signature of a binary before running it. The main goal is to
insert digital signatures inside the ELF binary
and verify this signature before loading the binary.
The documentation is not yet complete. I tried to put every thing in
Readme which is definitely not enough. However, I believe from the
feedback I had till now, it is enough to understand and run the code. We
currently work on the documentation and also add new improvements on
As always, we'll appreciate your feedback.
Ps. the latest README file on the cvs has more performance measurements
on it. For interested people send me an email and I send you the latest
README (or cvs check out or browse the cvs tree from source forge).
More information about the cgl_discussion