tir, 14.09.2004 kl. 18.45 skrev Steve Coleman: > John Hearns john.hearns-at-clustervision.com |fedora| wrote: > > > My contention is that the MAC is the only 'key' at this > > stage. > > I was just basically saying to make sure security is thought about early > in the boot process, or at least as early as possible. Authenticating > and verifying images can only be done reliably when there is a security > context of some sort installed already. If there is a way to cache a vpn > key locally to be used for the initial boot process then spoofing the > MAC address (think 'script kiddies' here) would do you little good. That > of course assumes a way to cache the key across instances of the OS, but > they did mention that local caching was a goal of the proposed system. > > If a locally cached key is not configured/available then using the > hardware MAC is the best you can do and it should fall back to the mode > that you suggested. But having the key cached locally could essentially > do what M$ Palladium(tm) aimed to do by verifying the runtime boot > images first and giving you a verifiable core memory image free of > network delivered rootkits etc.. If someone chose to enable that extra > security feature then they could be reasonably ensured that *every* > machine in their domain is not running a hacked image. If one delivered > image is hacked then they all might be, and how would you know which? > The verified memory image would then go on to verify that the rest of > the system security is also sound, like to the SELinux level if it is > configured that way. Not everyone needs this kind of setup, but some do. > > > Speaking as someone who looks after a Mosix cluster, > > from what I've read I doubt Mosix will ever make it into > > the official Linux kernel. > > As for Mosix I am likely putting my foot in my mouth, as I never used > it. I do fault tolerant distributed processing but I do customized > applications for research purposes. I do however like the ideas that > Mosix is trying to achieve. I have had to build a system much like that > myself and appreciate how nice it would be to have those features > available on every machine by default. > > I would love to hear more of your thoughts about Mosix off line if you > have a few minutes to spare. ;) > > Other than that I was just rambling on. - lol > > Steve Coleman > http://www jhuapl edu/ > steve.coleman [atsign] jhuapl [adot] edu > > > > One way to cache VPN keys localy (and other stuff) would be to mount /etc on a flash-disk. But that might again defeat the whole purpose of this stuff...
