This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Need some security advice for systemtap

From: fche at redhat dot com (Frank Ch. Eigler)
To: Tomasz Chmielewski <mangoo at wpkg dot org>
Cc: fedora-security-list at redhat dot com, Systemtap List <systemtap at sources dot redhat dot com>
Date: 05 Jun 2007 11:08:59 -0400
Subject: Re: Need some security advice for systemtap
References: <4664691E.7010803@redhat.com> <466522FF.8080801@wpkg.org>

Tomasz Chmielewski <mangoo@wpkg.org> writes:

> Am I right? Is it security based on md5sum? [...]
> http://www.cits.rub.de/MD5Collisions/

Indeed.

md5 was just a "for sake of argument" possibility.  We can go with a
different or even multiple hashes.  Or, if hashes are deemed
untrustworthy in some particular installation,
/etc/systemtap/authorized_probes could contain copies of the probe
modules in their entirety rather than their hashes.

- FChE

References:
- Need some security advice for systemtap
  - From: David Smith
- Re: Need some security advice for systemtap
  - From: Tomasz Chmielewski

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]