LFS using the cryptoapi hint...

Dagmar d'Surreal dagmar.wants at nospam.com
Tue Jul 8 15:15:58 PDT 2003


On Tue, 2003-07-08 at 04:42, Zibeli Aton wrote:

> > >> echo -n "Checking master boot record integrity: "
> > >> if [ "`dd if=/dev/hda count=1 2>/dev/null | md5sum`" = \
> > >> "e051a4532356709c73b86789acfbdbbd  -" ]
> > >> then
> > >> echo "OK."
> > >> else
> > >> echo -n "FAILED! press Enter to continue."
> > >> read
> > >> fi
> > >>
> > >> echo -n "Checking bootloader integrity: "
> > >> if [ "`dd if=/dev/hda1 2>/dev/null | md5sum`" = \
> > >> "f3686a17fac8a1090d962bef59c86d3b  -" ]
> > >> then
> > >> echo "OK."
> > >> else
> > >> echo -n "FAILED! press Enter to continue."
> > >> read
> > >> fi

> I'm quite sure the signature-checking script is indeed
> supposed to be in the encrypted partition, not in the
> bootloader.  While the bootloader will indeed have
> already been loaded before the script then detects a
> compromise of it, at least at that point you can
> minimize the damage by aborting the init before
> networks are brought up, etc.  If the script is
> instead left in the unencrypted bootloader partition,
> all an attacker would have to do after modifying the
> bootloader (or boot sector) is to adjust the MD5 sum
> contained in the unencrypted script to match that of
> the compromised loader/sector and the script would not
> even detect the compromise, by far an even worse
> option.

Yes, well, I'm equally sure that it can _not_ be executed from the
filesystem on /dev/hda1 unless you'd like to spend a LOT of time fudging
up an md5sum that will still be valid after you stick it into its own
hash.  I'm hoping the author of the hint didn't actually make the
mistake of suggesting this very thing and that the readers are merely
confused.  If they're not confused then there's a count argument missing
from the second chunk of script.

-- 
The email address above is just as phony as it looks, and for obvious reasons.
Instant messaging contact nfo: AIM: evilDagmar  Jabber: evilDagmar at jabber.org
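
The self-reference problem raised in this message, as an added example that is not part of the original post or of the hint: a reference MD5 stored inside the region it measures can never match, while one kept outside it (the encrypted root, in the thread) detects a change. It assumes a temporary regular file standing in for /dev/hda1; the function names are hypothetical.

```shell
#!/bin/sh
# Constructed demo: a temp file stands in for the unencrypted boot partition.

# region_md5 FILE [SECTORS]: MD5 of the first SECTORS 512-byte sectors,
# or of the whole file when no count is given (the case the reply questions).
region_md5() {
    if [ -n "$2" ]; then
        dd if="$1" bs=512 count="$2" 2>/dev/null | md5sum | cut -d' ' -f1
    else
        dd if="$1" bs=512 2>/dev/null | md5sum | cut -d' ' -f1
    fi
}

# verify_region FILE EXPECTED [SECTORS]: succeeds only if the hash matches.
verify_region() {
    [ "$(region_md5 "$1" "$3")" = "$2" ]
}

# Reference hash written INTO the measured image, as a checking script
# stored on the hashed partition would be. Prints "match" or "mismatch".
self_reference_demo() {
    img=$(mktemp) || return 1
    dd if=/dev/zero of="$img" bs=512 count=8 2>/dev/null   # constructed image
    sum=$(region_md5 "$img")
    # Embedding the hash changes the very bytes that were hashed.
    printf '%s' "$sum" | dd of="$img" bs=1 seek=1024 conv=notrunc 2>/dev/null
    if verify_region "$img" "$sum"; then r=match; else r=mismatch; fi
    rm -f "$img"
    echo "$r"
}

# Reference hash kept OUTSIDE the measured image (a shell variable here,
# the encrypted partition in the thread), bounded to one sector like the
# count=1 MBR check. Prints the result before and after a one-byte change.
external_reference_demo() {
    img=$(mktemp) || return 1
    dd if=/dev/zero of="$img" bs=512 count=8 2>/dev/null   # constructed image
    sum=$(region_md5 "$img" 1)
    verify_region "$img" "$sum" 1 && before=ok || before=fail
    printf 'X' | dd of="$img" bs=1 seek=100 conv=notrunc 2>/dev/null
    verify_region "$img" "$sum" 1 && after=ok || after=fail
    rm -f "$img"
    echo "$before $after"
}
```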
