Posted Jun 2, 2005 8:35 UTC (Thu) by goaty
Parent article: The Integrity Measurement Architecture
It'll protect (to some extent) ordinary users from their own stupidity. Not much use if root themselves is trying to subvert it.
1) Write your "black hat script"
2) gdb /bin/sh
3) break send_hash_to_kernel
4) run sh black-hat-script.sh
5) set hash_value = permitted_value
The trusted computing folk can get around this by prohibiting gdb... anyone reminded of http://www.gnu.org/philosophy/right-to-read.html ?
to post comments)