Date: Sun, 31 May 1998 05:22:28 -0700 From: David Greenman <dg@root.com> To: Terry Lambert <tlambert@primenet.com> Cc: abial@nask.pl (Andrzej Bialecki), freebsd-hackers@FreeBSD.ORG Subject: Re: Signed executables, safe delete etc. Message-ID: <199805311222.FAA07750@implode.root.com> In-Reply-To: Your message of "Sun, 31 May 1998 09:34:54 -0000." <199805310934.CAA19826@usr04.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> You can wonder what all this is for: it helps to ensure that no element of >> the system has been changed without you knowing it. It could be performed >> during startup of the system, and/or just before executing each binary (as >> far as I understand it, ELF allows to put pretty arbitrary sections into >> the binary). Moreover, this helps to ensure that the system won't boot >> without proper authorization, and even if someone steals it, it could >> refuse to give in (this would require encrypting the disk contents, of >> course - that's why I said about bootblocks...). > >VMS will not mark an executable as executable unless the VMS linker is >the program that created the file. > >In general, the VMS mechanism prevents programs without SYSPRIV from >generating programs that can be loaded as executable. The mechanism >prevents the common case in BSD-land of LISP and other binaries that >extend the data space of executables with code. > >Typically, this is a bad trade-off, favoring security over usability. Terry, sometimes I think we exist in different realities. First of all, any user can set a file as executable in VMS. It does not require any special privileges. Second, there is no "SYSPRIV" privilege. There is a "SYSPRV" privilege, however, that allows the holder access system resources as if he had a system UIC. One does not have to have a system UIC to change file permissions (including the executable flag); all one needs is to be the owner of the file - just like it is in Unix. Third, LISP works just fine in VMS, including dynamic compilation and process extension. -DG David Greenman Co-founder/Principal Architect, The FreeBSD Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805311222.FAA07750>