All,
I was just wondering if it was possible, or if there were plans to support the ability to enforce code signing (on binaries, at runtime) in FreeBSD? Why do I ask? Because history has shown over the past 20 years or so that allowing unsigned code to run by default is a security nightmare. The ability to enforce code signing would reduce the risks of running as a privileged user (or hell, normal user for that matter), as an unsigned, trojaned or otherwise modified binary will refuse to run.
I'm thinking that you could either use a central FreeBSD repository CA, or have the ability to set up your own local CA as an optional step.
Both Apple and Microsoft are going down this path with OS X 10.8 and Windows 8.
I think so long as we can control who has the "keys to the castle" at install time (local admin's CA, repository CA or code-signing switched off in the boot-loader), code signing can only be a good thing?
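To make the proposal above concrete, here is an added example (not code from the post, and not an existing FreeBSD mechanism) of the decision an exec-time hook would have to take: a trust store holding the public keys of a repository CA and a local admin CA, a detached signature over the binary's SHA-256 digest, and an enforce switch that, when off, only records the verdict instead of blocking. Ed25519 is an assumed choice of signature scheme; the signer IDs, the `Policy` and `Signature` types and the sample "binary" bytes are all constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Signature is the detached signature that would ship alongside a binary:
// which trust anchor produced it and the Ed25519 signature over SHA-256(binary).
type Signature struct {
	SignerID string
	Sig      []byte
}

// Policy models the runtime configuration the post asks for: the set of
// trusted signing keys (repository CA, local admin CA) and whether failures
// block execution or are merely reported (the "switched off" case).
type Policy struct {
	Trusted map[string]ed25519.PublicKey
	Enforce bool
}

// Signer holds a trust anchor's private key; in practice it lives off-host.
type Signer struct {
	ID   string
	priv ed25519.PrivateKey
}

// NewSigner creates a key pair for a trust anchor and returns its public key
// so it can be placed in the trust store.
func NewSigner(id string) (*Signer, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Signer{ID: id, priv: priv}, pub, nil
}

// digest is what actually gets signed: any byte changed in the binary
// changes the digest and therefore invalidates the signature.
func digest(binary []byte) []byte {
	h := sha256.Sum256(binary)
	return h[:]
}

// Sign produces the detached signature for a binary.
func (s *Signer) Sign(binary []byte) Signature {
	return Signature{SignerID: s.ID, Sig: ed25519.Sign(s.priv, digest(binary))}
}

// Verdict is the exec-time decision together with an audit reason.
type Verdict struct {
	Allowed bool
	Reason  string
}

// CheckExec is the check an exec hook would run before loading a binary.
// Unsigned, unknown-signer and modified binaries all fail verification;
// whether that failure blocks the exec depends on Policy.Enforce.
func CheckExec(p Policy, binary []byte, sig *Signature) Verdict {
	decide := func(ok bool, reason string) Verdict {
		if ok {
			return Verdict{Allowed: true, Reason: reason}
		}
		if p.Enforce {
			return Verdict{Allowed: false, Reason: reason}
		}
		return Verdict{Allowed: true, Reason: "audit-only: " + reason}
	}
	if sig == nil {
		return decide(false, "unsigned binary")
	}
	pub, known := p.Trusted[sig.SignerID]
	if !known {
		return decide(false, "signer "+sig.SignerID+" not in trust store")
	}
	if !ed25519.Verify(pub, digest(binary), sig.Sig) {
		return decide(false, "signature does not match binary (modified or forged)")
	}
	return decide(true, "valid signature from "+sig.SignerID)
}

func main() {
	repo, repoPub, _ := NewSigner("freebsd-repo")
	_, adminPub, _ := NewSigner("local-admin")
	policy := Policy{
		Trusted: map[string]ed25519.PublicKey{"freebsd-repo": repoPub, "local-admin": adminPub},
		Enforce: true,
	}
	binary := []byte("\x7fELF constructed sample binary") // constructed sample, not a real ELF
	sig := repo.Sign(binary)

	fmt.Println(CheckExec(policy, binary, &sig))
	tampered := append([]byte{}, binary...)
	tampered[len(tampered)-1] ^= 0xff // one flipped byte, as a trojaned binary would differ
	fmt.Println(CheckExec(policy, tampered, &sig))
	fmt.Println(CheckExec(policy, binary, nil))
}
```

The point the example makes is the one the post relies on: the security comes entirely from who controls the keys in `Trusted`. A binary signed by a key outside that store is rejected exactly like a tampered one, and turning `Enforce` off does not change the verdicts, only whether they block.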