On Fri, 3 Sep 2004 03:07, Linas Vepstas <linas@xxxxxxxxxxxxxx> wrote:
> Well, here's another idle question, again off-topic: Does SELinux provide
> any sort of assurances that storage media weren't tampered with between
> reboots?

No, that is outside the scope of the SE Linux project.

I am one of the many people in Red Hat who are involved in working on crypto block device support. One of my own systems has a root file system that is AES encrypted with the kernel and initrd (which includes the decryption key) on removable media. Eventually I want to see this become a standard feature of Fedora, maybe in FC4. I think it will address most of what you want in this regard.

Note that the NSA guys do not talk to me about any security stuff, so I don't expect them to have any involvement in such things.

> For example, with BIOS/firmware getting more sophisticated over time,
> there's potential for an attacker to break in, remotely, into
> bios/firmware, shortly before booting into the OS, and then alter
> disk contents. Yes, I know this is far-fetched, but was just curious.

When booting from removable media that contains the decryption key the attack scenario would be to replace the BIOS with one that sends everything it reads from disk (IE everything that the boot loader reads) over an Ethernet interface.

A trojan BIOS that modifies the kernel during the boot load process to introduce a security hole would be doable if you have adequate resources.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page