Re: Locking Down a Linux Server

From: Jose Nazario (
Date: 01/08/02

Date: Tue, 8 Jan 2002 11:19:06 -0500 (EST)
From: Jose Nazario <>
To: Björn Eriksson <>

On Tue, 8 Jan 2002, [iso-8859-1] Björn Eriksson wrote:

> Agreed. Has, openwall or anyone else produced a kernel-
> patch which only allows signed executables to run?

immunix has a product that can do this. its very, very nice ... it uses
hash signatures to control the veracity of the executable. 'subdomain' is
the product, part of their commercial Immunix SDK.

jose nazario
                           PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (