From: Olivier Sessink <oliviersessink@gmail.com>
To: dm-crypt@saout.de
Subject: [dm-crypt] encrypted root: prevent / detect tampering with kernel / initrd
Date: Mon, 28 Dec 2009 21:28:43 +0100 [thread overview]
Message-ID: <4B3914FB.7060008@gmail.com> (raw)
Hi all,
I was wondering if there are some 'common' ways to prevent tampering
with the unencrypted kernel and initrd in the case of an encrypted root
filesystem? If somebody has access to your computer they could change
the initrd and kernel and make your encryption useless (e.g. store the
password in /boot, or send it over the network, etc. etc.). It shouldn't
be too hard to make this at least very difficult.
I was thinking along the lines of:
- check a checksum of the MBR and partition table
- check a checksum of the complete /boot filesystem
- check the pointers in the kernel system call table (detects many rootkits)
- check for virtualization (any virtual rootkits)
- ...? any better ideas how to detect tampering?
Obviously all of this should be done by a binary inside the encrypted
filesystem - everything in /boot (kernel and initrd) is not to be
trusted. That means we can only warn the user after the password is
probably gone already, but this is better than nothing.
Any comments, ideas or links ?
regards,
Olivier
next reply other threads:[~2009-12-28 20:29 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-12-28 20:28 Olivier Sessink [this message]
2009-12-28 21:20 ` [dm-crypt] encrypted root: prevent / detect tampering with kernel / initrd Luca Berra
2009-12-28 21:41 ` Olivier Sessink
2009-12-28 23:11 ` Heinz Diehl
2009-12-29 10:05 ` Olivier Sessink
2009-12-29 10:23 ` [lesh] Ivan Nikolic
2009-12-29 12:25 ` Olivier Sessink
2009-12-29 12:37 ` Milan Broz
2009-12-29 20:24 ` Arno Wagner
2009-12-29 21:15 ` Heinz Diehl
2009-12-29 23:02 ` Olivier Sessink
2009-12-30 2:52 ` Arno Wagner
2009-12-30 14:16 ` Heinz Diehl
2009-12-30 15:34 ` Arno Wagner
2009-12-29 21:31 ` Hannes Erven
2009-12-29 21:41 ` Gregy
2009-12-30 2:53 ` Arno Wagner
2009-12-28 22:41 ` Zdenek Kaspar
2009-12-28 22:51 ` Zdenek Kaspar
2009-12-28 22:57 ` Heinz Diehl
2009-12-29 20:18 ` Arno Wagner
2009-12-29 22:52 ` Olivier Sessink
2009-12-30 2:56 ` Arno Wagner
2009-12-30 10:48 ` Olivier Sessink
2009-12-30 15:28 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B3914FB.7060008@gmail.com \
--to=oliviersessink@gmail.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.