[PATCH 1/2] ima: define ima_trusted_for hook
Mimi Zohar
zohar at linux.ibm.com
Wed Oct 13 14:34:49 UTC 2021
On Wed, 2021-10-13 at 07:01 -0400, Mimi Zohar wrote:
> A major interpreter integrity gap exists which allows files read by
> the interpreter to be executed without measuring the file or verifying
> the file's signature.
>
> The kernel has no knowledge about the file being read by the interpreter.
> Only the interpreter knows the context (e.g. data, execute) and must be
> trusted to provide that information accurately.
>
> To close this integrity gap, define an ima_trusted_for hook to allow
> IMA to measure the file and verify the file's signature based on policy.
>
> Sample policy rules:
> measure func=TRUSTED_FOR_CHECK
> appraise func=TRUSTED_FOR_CHECK
To require file signatures, the policy rule should be:
appraise func=TRUSTED_FOR_CHECK appraise_type=imasig
>
> Signed-off-by: Mimi Zohar <zohar at linux.ibm.com>