Re: execution policy for shells

To: tech-security%NetBSD.org@localhost
Subject: Re: execution policy for shells
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Fri, 24 Sep 2010 12:59:02 -0400

On Thu, Sep 23, 2010 at 03:06:39PM -0400, Jan Schaumann wrote:
> Thor Lancelot Simon <tls%panix.com@localhost> wrote:
>  
> > So you need the shell to be the thing whose fingerprint is known to the
> > kernel
> 
> Yes.
> 
> >, and the interpreted scripts to be known to the shell.
> 
> I'd like to avoid having to know in advance the scripts the shell might
> run.  I'd rather say "only run a scrip -- any script -- if it's signed
> by X".

I think you're not really getting my operative definition of "known to".

It's a lot easier to validate a RSA signature in the shell than in the
kernel (though if you want to implement software public key operations
in /dev/crypto be my guest).

-- 
Thor Lancelot Simon                                    
tls%rek.tjls.com@localhost
  "All of my opinions are consistent, but I cannot present them all
   at once."    -Jean-Jacques Rousseau, On The Social Contract

References:
- execution policy for shells
  - From: Jan Schaumann
- Re: execution policy for shells
  - From: Thor Lancelot Simon
- Re: execution policy for shells
  - From: Brett Lymn
- Re: execution policy for shells
  - From: Jan Schaumann
- Re: execution policy for shells
  - From: Thor Lancelot Simon
- Re: execution policy for shells
  - From: Jan Schaumann

Prev by Date: Re: execution policy for shells
Next by Date: NetBSD Security Advisory 2010-007: Integer overflow in libbz2 decompression code
Previous by Thread: Re: execution policy for shells
Next by Thread: NetBSD Security Advisory 2010-007: Integer overflow in libbz2 decompression code
Indexes:

Home | Main Index | Thread Index | Old Index