Visit Our UNIX and Linux User Community


"Signed Linux" - Only executing signed programs


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users "Signed Linux" - Only executing signed programs
# 1  
Old 02-23-2011
"Signed Linux" - Only executing signed programs

Hey folks,
not sure whether this or the security board is the right forum. If I failed, please move Smilie

So here's the problem:
I need to build a Linux environment in which only "signed" processes are allowed to run. When I say signed I don't mean a VeriSign signature like you know it from Windows, but I mean signed by myself. I.e. I choose the software allowed to run, sign it, and then want to deny any other processes to run.
If it is somehow possible I'd like to extend this even to scripts and the kernel (i.e. no unsigned modules can be loaded).
Does anyone have a good idea how to solve this problem?
The bad thing is: I'm pretty fine with coding stuff myself in C, but have absolutely 0 experience or knowledge in kernel (module)-programming.

Any tipps, links, literature, finished programs will be appreciated, thanks Smilie

A short idea I had and almost forgot: How difficult is it to change the routine of linux which starts a process in such a way that it will call for every process start a little programm of myself which will then check the program to be executed and - in case of a missing signature - will cancel it?
# 2  
Old 02-23-2011
I don't see any reason to do this.
If you build a system with only the programs that you will allow installed, and then give users restricted shell access only, they can only run programs that you have approved, and have no way to install others.
# 3  
Old 02-23-2011
Quote:
Originally Posted by disaster
So here's the problem:
I need to build a Linux environment in which only "signed" processes are allowed to run. When I say signed I don't mean a VeriSign signature like you know it from Windows, but I mean signed by myself. I.e. I choose the software allowed to run, sign it, and then want to deny any other processes to run.
And the executable bit is insufficient why?
# 4  
Old 02-27-2011
What is wrong with SELINUX, AppArmor, or similar security policy models?
# 5  
Old 02-27-2011
I think this technique has a lot of promise. There are several implementations. Here is one. Google for "linux signed executables only" to see other references.

And those of you who think execution bits or restricted shells provide adequate security might want to take a look. Smilie
# 6  
Old 03-01-2011
Not merely execution bits, but file and account control in general...

The point remains the same: We don't know his goals, and he hasn't returned to describe them, so this kind of scheme is likely to be severe overkill.

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Expect: spawn id exp5 not open while executing "expect "$" { send "sudo su -\r" }"

Hi All, i am trying to ssh to a remote machine and execute certain command to remote machine through script. i am able to ssh but after its getting hung at the promt and after pressing ctrl +d i am gettin the out put as expect: spawn id exp5 not open while executing "expect "$" {... (3 Replies)
Discussion started by: Siddharth shivh
3 Replies

Featured Tech Videos