Re: more on linux hardening

From: Seth Arnold (sarnold_at_wirex.com)
Date: 05/27/03

    Date: Tue, 27 May 2003 12:10:55 -0700
    To: focus-linux@securityfocus.com
    
    
    

    On Mon, May 26, 2003 at 06:17:00PM -0400, Mike Lockhart wrote:
    > Are there any good quality papers on creating a system from scratch (not
    > LFS though) that can be trusted 100%? To further elaborate on what I
    > mean, I'd like to find a way to build from source a trusted system that
    > is running only binaries/libs that are built from a trusted compiler,
    > etc.

    This problem is more or less insurmountable without a HUGE budget.

    Consider that the CPU, MMU, PCI Bus, hard drive controller, hard drives,
    etc, all have chips designed with software. That software has to start
    from somewhere. With what? A trusted operating system built from the
    ground up? What CPU, MMU, PCI bus, etc, was that OS designed and built
    on? :)

    This is perhaps taking the chicken/egg scenario further than it needs
    to be taken, but it is a useful thought exercise to consider just what
    is involved in producing an operating system. Perhaps a sufficient
    work-around for the problem is targeting the OS for several different
    platforms, as trojans in hardware are a lot less likely to work along
    multiple architectures than a single architecture. Allow hardware
    diversity to provide "bounds" on probability the hardware does something
    unseemly, rather than prove from the start that the hardware doesn't do
    something unseemly.

    A first step to getting a trusted toolchain is an assembler. You'll need
    to write the first assembler in opcodes by hand using a binary editor of
    some sort, perhaps comparing the results on multiple operating systems
    (diversity to provide bounds on probabilities, rather than trusted
    base), then build a more intelligent assembler out of those tools, then
    build a compiler, then re-write the compiler in a higher-level language
    (as it is likely the only useful way to write an operating system kernel
    is in a language best supported by a compiler written in a high-level
    language), etc.

    Big Budget. :)

    -- 
    "So the whole internet is a Ponzi scheme" -- Jon Stewart
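
The cross-platform comparison suggested in the message above can be sketched as follows; this is an added example, not part of the original post. The host names, artifact names and byte strings are constructed, and it assumes the same source is built independently on each host and the outputs are collected for comparison.

```python
import hashlib
from collections import Counter


def digest(blob):
    """SHA-256 of one build output, as hex."""
    return hashlib.sha256(blob).hexdigest()


def compare_builds(builds):
    """builds maps host name -> {artifact name -> output bytes}.

    For each artifact, report the digest a strict majority of hosts agree
    on (None if there is no such majority), the hosts that disagree with
    it, and the hosts that produced no output at all.
    """
    artifacts = sorted({name for outputs in builds.values() for name in outputs})
    report = {}
    for name in artifacts:
        seen = {host: digest(out[name]) for host, out in builds.items() if name in out}
        missing = sorted(host for host in builds if host not in seen)
        top, votes = Counter(seen.values()).most_common(1)[0]
        # Agreement only bounds the risk: a tie or a bare plurality is
        # treated as "no consensus" rather than as a trusted result.
        consensus = top if votes * 2 > len(builds) else None
        outliers = sorted(host for host, d in seen.items() if d != consensus)
        report[name] = {
            "consensus": consensus,
            "outliers": outliers,
            "missing": missing,
            "unanimous": consensus is not None and not outliers and not missing,
        }
    return report


# Constructed sample: three independent hosts assembling the same two stages.
SAMPLE_BUILDS = {
    "host-a": {"stage0.bin": b"\x31\xc0\xc3", "stage1.bin": b"\x55\x89\xe5\x5d\xc3"},
    "host-b": {"stage0.bin": b"\x31\xc0\xc3", "stage1.bin": b"\x55\x89\xe5\x5d\xc3"},
    "host-c": {"stage0.bin": b"\x31\xc0\xc3", "stage1.bin": b"\x55\x89\xe5\x90\x5d\xc3"},
}

if __name__ == "__main__":
    for artifact, result in compare_builds(SAMPLE_BUILDS).items():
        print(artifact, result)
```

A unanimous result across diverse hosts does not prove the output is clean; it only means a subversion would have to behave identically on every host compared.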
    
    


