Thread (15 messages) 15 messages, 5 authors, 2011-11-10

Re: Ext4 data structures integrity

From: Andreas Dilger <hidden>
Date: 2011-09-28 17:15:55

On 2011-09-28, at 9:19 AM, "Kasatkin, Dmitry" [off-list ref] wrote:
I work on integrity protection subsystem IMA/EVM (linux/security/integrity).
The target is to protect against offline modifications.
Using block re-mapping I was able to implement simple attack which
allows to circumvent IMA integrity verification.
In order to prevent this kind of attack, it is necessary to run fsck every boot.

I want to know if there is a better way to prevent such attacks...
There is work currently being done to add checksums for detecting filesystem corruption (see list archive). However, if the attacker can binary edit the underlying disk device then they can also edit the checksums (crc32c) at the same time. 

The only secure way to handle this would be a crypto checksum with a secret key. At that point you may as well just use a whole crypto/backed filesystem?

Cheers, Andreas
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help