"Stateless Linux" project

Steve Coleman 23e9t5t02 at sneakemail.com
Tue Sep 14 16:45:07 UTC 2004


John Hearns john.hearns-at-clustervision.com |fedora| wrote:

> My contention is that the MAC is the only 'key' at this
> stage. 

I was just basically saying to make sure security is thought about early 
in the boot process, or at least as early as possible. Authenticating 
and verifying images can only be done reliably when there is a security 
context of some sort installed already. If there is a way to cache a VPN 
key locally to be used for the initial boot process then spoofing the 
MAC address (think 'script kiddies' here) would do you little good. That 
of course assumes a way to cache the key across instances of the OS, but 
they did mention that local caching was a goal of the proposed system.

If a locally cached key is not configured/available then using the 
hardware MAC is the best you can do and it should fall back to the mode 
that you suggested.  But having the key cached locally could essentially 
do what M$ Palladium(tm) aimed to do by verifying the runtime boot 
images first and giving you a verifiable core memory image free of 
network delivered rootkits, etc. If someone chose to enable that extra 
security feature then they could be reasonably ensured that *every* 
machine in their domain is not running a hacked image.  If one delivered 
image is hacked then they all might be, and how would you know which? 
The verified memory image would then go on to verify that the rest of 
the system security is also sound, like to the SELinux level if it is 
configured that way. Not everyone needs this kind of setup, but some do.

> Speaking as someone who looks after a Mosix cluster,
> from what I've read I doubt Mosix will ever make it into
> the official Linux kernel.

As for Mosix I am likely putting my foot in my mouth, as I never used 
it. I do fault tolerant distributed processing but I do customized 
applications for research purposes. I do however like the ideas that 
Mosix is trying to achieve. I have had to build a system much like that 
myself and appreciate how nice it would be to have those features 
available on every machine by default.

I would love to hear more of your thoughts about Mosix off line if you 
have a few minutes to spare. ;)

Other than that I was just rambling on. - lol

Steve Coleman
http://www jhuapl edu/
steve.coleman [atsign] jhuapl [adot] edu
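
The scheme discussed in this message, sketched as an added example that is not part of the original post or of the Stateless Linux project: a boot server that prefers a locally cached per-machine key over the MAC address, and a client that verifies the delivered image with that key. HMAC-SHA256, the function names, the MAC address, and the key are all assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed enrolment table (assumption): MAC -> key cached on that machine.
ENROLLED_KEYS = {"00:16:3e:aa:bb:01": bytes.fromhex("11" * 32)}


def client_response(key, mac, nonce):
    """Client proves it holds the cached key for this boot request."""
    msg = b"boot-request|" + mac.encode() + b"|" + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()


def server_authorise(mac, nonce, response):
    """Return 'keyed', 'mac-only' or 'rejected' for a boot request."""
    key = ENROLLED_KEYS.get(mac)
    if key is None:
        # No cached key configured: the MAC is the only identifier available.
        return "mac-only"
    # An enrolled MAC must never be downgraded to MAC-only mode, otherwise
    # spoofing the MAC and omitting the response would bypass the key.
    expected = client_response(key, mac, nonce)
    ok = hmac.compare_digest(expected, response or b"")
    return "keyed" if ok else "rejected"


def image_tag(key, image):
    """Tag the server attaches to a boot image for one enrolled machine."""
    digest = hashlib.sha256(image).digest()
    return hmac.new(key, b"boot-image|" + digest, hashlib.sha256).digest()


def client_accept_image(key, image, tag):
    """Client side: 'verified', 'rejected', or 'unverified' when no key is cached."""
    if key is None:
        return "unverified"  # fallback mode: image integrity is not checked
    ok = hmac.compare_digest(image_tag(key, image), tag)
    return "verified" if ok else "rejected"


if __name__ == "__main__":
    mac = "00:16:3e:aa:bb:01"
    key = ENROLLED_KEYS[mac]
    nonce = bytes(16)  # constructed; a real server would use a fresh random nonce
    image = b"constructed kernel+initrd bytes"
    print(server_authorise(mac, nonce, client_response(key, mac, nonce)))
    print(server_authorise(mac, nonce, None))  # spoofed MAC, no key
    print(client_accept_image(key, image + b"!", image_tag(key, image)))
```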








More information about the fedora-devel-list mailing list