User: Password:
Subscribe / Log in / New account

Signed Executables.

Signed Executables.

Posted Mar 2, 2007 15:34 UTC (Fri) by aashenfe (guest, #12212)
In reply to: Signed Executables. by tetromino
Parent article: Hunting for Rootkits

Very true. SELinux can and probably does provide this and way much more.

I think "way much more" might be the problem.

When I'm looking around for different howto's for certain setups, a number of time it says they disabled SELinux to get the system to work correctly. I try to leave SELinux enabled if I can, but sometimes I still give up and disable it. I'm sure there is a way to configure SELinux correctly, and maybe I'm irresponsible for not figuring it out.

I like the Idea of signed executables because it targets one security question. "Do I let this executable run?" SElinux or AppArmor can then answer the harder to setup question "What do I let this executable do? "

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds