User: Password:
|
|
Subscribe / Log in / New account

Signing ELF binaries

Signing ELF binaries

Posted Jan 17, 2013 10:48 UTC (Thu) by keeperofdakeys (subscriber, #82635)
In reply to: Signing ELF binaries by kugel
Parent article: Signing ELF binaries

Secure boot works a bit differently to what you think. The purpose of secure boot is to check the cryptographic hash of a binary, and if it's not trusted, then it isn't executed. Beyond this, there are no other protections. If you only sign pieces of code that you trust, and these only execute (privileged) pieces of code that you trust, you can ensure you are protected. So a signed, malicious binary can emulate a SBE environment, then boot the SBE enabled Windows.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds