From: Vasili on 5 Jul 2010 00:32

Hello,

Has anyone implemented a loader that will only execute digitally signed executables?

Regards,
Vasili

From: "FromTheRafters" erratic on 5 Jul 2010 17:01

"Vasili" <vigalchin(a)gmail.com> wrote in message
news:93daa5d9-b4fb-404e-801c-11a9d039280f(a)d8g2000yqf.googlegroups.com...
> Hello,
>
> Has anyone implemented a loader that will only execute digitally
> signed executables?

Not that I have heard of, but why would the control have to be there as opposed to earlier? Why not integrity check before sending to the loader chain, that way interpreted programs can be checked at the same time as binaries or files otherwise destined to become binary images?

From: Vasili on 5 Jul 2010 19:14

On Jul 5, 4:01 pm, "FromTheRafters" <erratic @nomail.afraid.org> wrote:
> "Vasili" <vigalc...(a)gmail.com> wrote in message
>
> news:93daa5d9-b4fb-404e-801c-11a9d039280f(a)d8g2000yqf.googlegroups.com...
>
> > Hello,
>
> > Has anyone implemented a loader that will only execute digitally
> > signed executables?
>
> Not that I have heard of, but why would the control have to be there as
> opposed to earlier? Why not integrity check before sending to the loader
> chain, that way interpreted programs can be checked at the same time as
> binaries or files otherwise destined to become binary images?

By "earlier" where are you suggesting to do integrity check?

Thanks,
Vasili

From: FromTheRafters on 5 Jul 2010 20:01

"Vasili" <vigalchin(a)gmail.com> wrote in message
news:710730bf-2f65-4c25-8dc0-b8ded60e340b(a)c33g2000yqm.googlegroups.com...
On Jul 5, 4:01 pm, "FromTheRafters" <erratic @nomail.afraid.org> wrote:
> "Vasili" <vigalc...(a)gmail.com> wrote in message
>
> news:93daa5d9-b4fb-404e-801c-11a9d039280f(a)d8g2000yqf.googlegroups.com...
>
> > Hello,
>
> > Has anyone implemented a loader that will only execute digitally
> > signed executables?
>
> Not that I have heard of, but why would the control have to be there as
> opposed to earlier? Why not integrity check before sending to the loader
> chain, that way interpreted programs can be checked at the same time as
> binaries or files otherwise destined to become binary images?

By "earlier" where are you suggesting to do integrity check?

***
When the file is opened (if you want it that way).

What are you trying to accomplish?
***

From: Vasili on 11 Jul 2010 03:38

Hi FromTheRafters,

I am only concerned about "data in motion" ... e.g. if the executable has to be moved over the wire to the loader then its integrity can be compromised after its integrity check on the "source" side of the wire where the loader is on the destination side of the wire. See my point?

Kind regards,
Vasili

PS But then we have to be concerned about a hierarchy of signing authority lest a malware writer signs his/her executable to masquerade as "clean" executable. Yes?

On Jul 5, 7:01 pm, "FromTheRafters" <erra...(a)nomail.afraid.org> wrote:
> "Vasili" <vigalc...(a)gmail.com> wrote in message
>
> news:710730bf-2f65-4c25-8dc0-b8ded60e340b(a)c33g2000yqm.googlegroups.com...
> On Jul 5, 4:01 pm, "FromTheRafters" <erratic @nomail.afraid.org> wrote:
>
> > "Vasili" <vigalc...(a)gmail.com> wrote in message
>
> > news:93daa5d9-b4fb-404e-801c-11a9d039280f(a)d8g2000yqf.googlegroups.com...
>
> > > Hello,
>
> > > Has anyone implemented a loader that will only execute digitally
> > > signed executables?
>
> > Not that I have heard of, but why would the control have to be there as
> > opposed to earlier? Why not integrity check before sending to the loader
> > chain, that way interpreted programs can be checked at the same time as
> > binaries or files otherwise destined to become binary images?
>
> By "earlier" where are you suggesting to do integrity check?
>
> ***
> When the file is opened (if you want it that way).
>
> What are you trying to accomplish?
> ***
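
An added example, not part of the thread: a sketch of the destination-side check discussed above, where the loader verifies the signature over the bytes it actually received and accepts only pinned signers. The key pairs, `loader_check` and the sample images are constructed for illustration, and the signing is textbook RSA from the standard library rather than a production scheme.

```python
import hashlib

# Constructed toy RSA key pairs built from well-known Mersenne primes so the
# example runs with the standard library only. Textbook RSA without padding:
# for illustration, never for production signing.
E = 65537

def make_key(p, q):
    """Return (n, d): modulus and private exponent for public exponent E."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

VENDOR_N, VENDOR_D = make_key(2**521 - 1, 2**607 - 1)       # trusted signer
ATTACKER_N, ATTACKER_D = make_key(2**607 - 1, 2**1279 - 1)  # untrusted signer

TRUSTED_SIGNERS = {VENDOR_N}  # trust anchors pinned on the loader side

def digest(image, n):
    """SHA-256 of the image as an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % n

def sign(image, n, d):
    return pow(digest(image, n), d, n)

def loader_check(image, signature, signer_n):
    """Decide on the destination, over the exact bytes about to be run."""
    if signer_n not in TRUSTED_SIGNERS:
        return "reject: signer not trusted"
    if pow(signature, E, signer_n) != digest(image, signer_n):
        return "reject: bad signature"
    return "execute"

def demo():
    image = b"\x7fELF constructed sample image"
    sig = sign(image, VENDOR_N, VENDOR_D)            # signed on the source side
    tampered = image.replace(b"sample", b"patchd")   # modified on the wire
    evil = b"\x7fELF constructed malware image"
    evil_sig = sign(evil, ATTACKER_N, ATTACKER_D)    # valid, but self-signed
    return {
        "intact": loader_check(image, sig, VENDOR_N),
        "tampered": loader_check(tampered, sig, VENDOR_N),
        "self_signed": loader_check(evil, evil_sig, ATTACKER_N),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```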