Posted Jul 9, 2004 8:36 UTC (Fri) by keroami
Parent article: Cryptographic signatures on kernel modules
You would have to use a one-time GPG private key when building kernel+modules or the rootkit would use your private key, sign its module and load it.
That in turn means that `make modules` will have to rebuild the kernel I can live with that :)
Similarly, distributions couldn't leave the private key on their systems; if they'd be compromised, many other systems could be loading malafide modules again. Checking (on the network?) for a revoked GPG key seems to defeat the purpose of network modules; moreover, your whole kernel would be useless after revoking such a key.
Yet, if this can be used to prevent rootkits like adore to install themselves as invisibly as they can now, I'll start using it asap!
to post comments)