hubertf's NetBSD Blog
Send interesting links to hubert at feyrer dot de!
 
[20050422] Major changes to verified exec
Verified Exec is NetBSD's feature to only execute programs with known (good) checksums. Brett Lymn has made a bunch of changes based on code from Elad Efrat: in-kernel fingerprints are stored in a hash table now (for faster lookup), and multiple fingerprint methods are now supported, including md5, sha1, rmd160, sha256, sha384 and sha512. See Brett's posting for more information, esp. on the veriexecctl(8) user interface.

[Tags: , , ]


Disclaimer: All opinion expressed here is purely my own. No responsibility is taken for anything.

Access count: 24856527
Copyright (c) Hubert Feyrer