[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: "Stateless Linux" project



John Hearns john.hearns-at-clustervision.com |fedora| wrote:

My contention is that the MAC is the only 'key' at this
stage.

I was just basically saying to make sure security is thought about early in the boot process, or at least as early as possible. Authenticating and verifying images can only be done reliably when there is a security context of some sort installed already. If there is a way to cache a vpn key locally to be used for the initial boot process then spoofing the MAC address (think 'script kiddies' here) would do you little good. That of course assumes a way to cache the key across instances of the OS, but they did mention that local caching was a goal of the proposed system.


If a locally cached key is not configured/available then using the hardware MAC is the best you can do and it should fall back to the mode that you suggested. But having the key cached locally could essentially do what M$ Palladium(tm) aimed to do by verifying the runtime boot images first and giving you a verifiable core memory image free of network delivered rootkits etc.. If someone chose to enable that extra security feature then they could be reasonably ensured that *every* machine in their domain is not running a hacked image. If one delivered image is hacked then they all might be, and how would you know which? The verified memory image would then go on to verify that the rest of the system security is also sound, like to the SELinux level if it is configured that way. Not everyone needs this kind of setup, but some do.

> Speaking as someone who looks after a Mosix cluster,
> from what I've read I doubt Mosix will ever make it into
> the official Linux kernel.

As for Mosix I am likely putting my foot in my mouth, as I never used it. I do fault tolerant distributed processing but I do customized applications for research purposes. I do however like the ideas that Mosix is trying to achieve. I have had to build a system much like that myself and appreciate how nice it would be to have those features available on every machine by default.

I would love to hear more of your thoughts about Mosix off line if you have a few minutes to spare. ;)

Other than that I was just rambling on. - lol

Steve Coleman
http://www jhuapl edu/
steve.coleman [atsign] jhuapl [adot] edu






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]