Brett Lymn <blymn%baea.com.au@localhost> wrote:
> On Thu, Sep 23, 2010 at 07:35:14AM -0400, Thor Lancelot Simon wrote:
> >
> > It's "possible via veriexec" inasmuch as you can allow only the one
> > true blessed shell to run, and implement whatever policy you care to
> > in that shell. This is how the VMS dynamic linker protected the rest
> > of the system from bad shared objects...
>
> actually, veriexec can be more subtle than that. You can bless
> certain shell scripts but deny the direct invocation of the shell
> interpreter.

But that requires me explicitly stating which scripts are allowed to
run, right? What I'm looking for is a way to allow any arbitrary
script to be executed so long as it's signed by an entity I previously
identified. If no signature is found, the signature does not verify
or is not by the entity I declared, then execution is refused.

-Jan