T -> trojaned code


Postby skruq » Sat Dec 20, 2003 7:43 pm

I just wanna know what the T option (Ensures this process can never execute any trojaned code) exactly does. Does it mean that there is a hash function calculated on the binary and it is verified each time we execute the binary to be sure that it's not a trojaned binary?
Thanks
skruq
 
Posts: 6
Joined: Sat Dec 20, 2003 7:39 pm

Re: T -> trojaned code

Postby PaX Team » Mon Dec 22, 2003 8:42 am

skruq wrote: I just wanna know what the T option (Ensures this process can never execute any trojaned code) exactly does. Does it mean that there is a hash function calculated on the binary and it is verified each time we execute the binary to be sure that it's not a trojaned binary?
no, this is not runtime verification but rather a check of the ACLs before they're loaded into the kernel. the T subject flag ensures that there're no executable objects of the given subject that are writable by other subjects/objects. that is, you can guarantee that the given subject cannot execute code that could have been modified by another.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm
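
The kind of pre-load policy check described in the reply above, as an added example that is not part of the thread and not grsecurity's own code. The policy layout, the longest-prefix matching rule and all paths are assumptions constructed for illustration.

```python
# Simplified model (assumption): policy = {subject: (flags, {object path: mode})}.
# Modes: r, w, x, a (append). The most specific object rule covering a path wins.
WRITE = {"w", "a"}

def is_under(path, root):
    """True if path equals root or lies beneath it in the tree."""
    root = root.rstrip("/")
    return path == root or path.startswith(root + "/")

def effective_mode(objects, path):
    """Mode of the longest object rule covering path ('' if none covers it)."""
    best = max((p for p in objects if is_under(path, p)), key=len, default=None)
    return objects[best] if best is not None else ""

def writable_by(objects, exec_path):
    """Paths in one subject's object list that permit writing at or below exec_path."""
    hits = []
    if set(effective_mode(objects, exec_path)) & WRITE:
        hits.append(exec_path)  # exec_path itself is covered by a writable rule
    hits += [p for p, m in objects.items()
             if p != exec_path and is_under(p, exec_path) and set(m) & WRITE]
    return hits

def check_t_flag(policy):
    """List (T subject, executable object, other subject, writable path) conflicts."""
    conflicts = []
    for subj, (flags, objects) in policy.items():
        if "T" not in flags:
            continue
        for obj, mode in objects.items():
            if "x" not in mode:
                continue
            for other, (_, other_objs) in policy.items():
                if other != subj:
                    conflicts += [(subj, obj, other, hit)
                                  for hit in writable_by(other_objs, obj)]
    return conflicts

# Constructed sample policy (hypothetical subjects and paths).
POLICY = {
    "/usr/sbin/sshd": ("T", {"/": "r", "/usr/sbin/sshd": "x", "/lib": "rx", "/var/log": "a"}),
    "/usr/bin/installer": ("", {"/": "r", "/lib/modules.d": "rw", "/tmp": "rw"}),
    "/bin/backup": ("", {"/": "r", "/usr": "rw", "/usr/sbin": "r"}),
}

if __name__ == "__main__":
    for subj, obj, other, hit in check_t_flag(POLICY):
        print(f"T violated: {subj} may execute {obj}, but {other} may write {hit}")
```

In the sample, `/bin/backup` does not conflict because its more specific read-only rule on `/usr/sbin` overrides the writable `/usr` rule, while `/usr/bin/installer` conflicts because it can write below the executable `/lib` tree.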

Postby skruq » Mon Dec 22, 2003 5:52 pm

Thanks for the clear & complete answer and thanks for your great work (PaX), it helps me sleep better each night :)
Cya
skruq
 
Posts: 6
Joined: Sat Dec 20, 2003 7:39 pm

