[OT] SELinux vs. other systems [was Re: [idea] udev + selinux]

Russell Coker russell at coker.com.au
Sat Sep 4 08:49:09 UTC 2004


On Fri, 3 Sep 2004 03:07, Linas Vepstas <linas at austin.ibm.com> wrote:
> Well, here's another idle question, again off-topic: Does SELinux provide
> any sort of assurances that storage media weren't tampered with between
> reboots?

No, that is outside the scope of the SE Linux project.

I am one of the many people in Red Hat who are involved in working on crypto 
block device support.  One of my own systems has a root file system that is 
AES encrypted with the kernel and initrd (which includes the decryption key) 
on removable media.  Eventually I want to see this become a standard feature 
of Fedora, maybe in FC4.  I think it will address most of what you want in 
this regard.

Note that the NSA guys do not talk to me about any security stuff, so I don't 
expect them to have any involvement in such things.

> For example, with BIOS/firmware getting more sophisticated over time,
> there's potential for an attacker to break in, remotely, into
> bios/firmware, shortly before booting into the OS, and then alter
> disk contents.  Yes, I know this is far-fetched, but was just curious.

When booting from removable media that contains the decryption key the attack 
scenario would be to replace the BIOS with one that sends everything it reads 
from disk (i.e. everything that the boot loader reads) over an Ethernet 
interface.

A trojan BIOS that modifies the kernel during the boot load process to 
introduce a security hole would be doable if you have adequate resources.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


