User: Password:
Subscribe / Log in / New account

The Integrity Measurement Architecture

The Integrity Measurement Architecture

Posted Jun 2, 2005 20:48 UTC (Thu) by zakaelri (guest, #17928)
In reply to: The Integrity Measurement Architecture by stephen_pollei
Parent article: The Integrity Measurement Architecture

Do you mean "How do you prevent the exploit of registering A while runnning B?"? If so, read on...

First off. TPM makes a few fundamental assumption about it's use: If [everything loaded before A] is valid, and A appears valid, then A is valid. If A is valid, than A can be truested.

Basically, they check to make sure that every program that runs has not been modified from the version used to build the original hash. This includes the BIOS, the bootloader, the kernel, init, etc.

So, given that assumption:

If you add the TPM code to (say) bash, and bash is valid, then you know that any script run by bash will be verified by the TPM. Why? Because if the TPM code was changed, bash wouldn't be valid. (When the kernel loads bash, it would fail the check). As long as the script passed, you know it's safe to run.

So, unless there was a security hole programmed into bash, you wouldn't need to worry about it running 1 script while verifying another.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds