Slashdot Mirror

← Back to Stories (view on slashdot.org)

Protecting System Binaries From Trojan Attack

Posted by timothy on Wednesday October 30, 2002 @12:59PM from the matching-game dept.

junyoung writes "Brett Lymn has added verified exec to NetBSD-current, which verifies a cryptographic hash before allowing execution of binaries and scripts. This can be used to prevent a system from running binaries or scripts which have been illegally modified or installed. Verified exec can also be used to limit the use of script interpreters to authorized scripts only and disallow interactive use."

1 of 44 comments (clear)

Min score:

Reason:

Sort:

Re:Will this really help? by ChadN · 2002-10-30 13:27 · Score: 5, Informative

"cryptographic hash" != "checksum"

What you propose is not feasible, if a hash like SHA or even MD5 is used.

--
"It's overkill, of course. But you can never have too much overkill." - Anonymous Slashdot Coward