|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] Default Deny on Executables
From: Dave Aitel (dave
immunitysec.com)
Date: Wed Sep 14 2005 - 11:50:08 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrew R. Reiter wrote:
> <snip>
>
> While this is on a different OS, I've seen numerous installer packages
> modify the binary being put onto the machine to include various
> information (OS version, arch, install time). So, if for any reason,
> there are installation packages that do modify ELF files (I've never
> looked into this), you might have issues. But I don't see this as a
> common thing to *nix -- though I've not looked into it.
>
>
You don't necessarily have to sign the whole file if you can sign
sections (aka the text/data/global/etc segments) of it, or include a
"these segments are signed and all others should be ignored" segment,
that is itself signed by RH/Dell/etc.
-dave
> Cheers,
> Andrew
>
> -------------------------------------------------------------
> "Natural bridges on a clean west swell,
> Break over the reef like a bat of out hell." -- Sublime.
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]