From: Reiner S. <sa...@us...> - 2008-12-15 02:52:30
meng <qs...@12...> wrote on 12/12/2008 11:42:35 PM:

> [Linux-ima-user] consult with questions on IMA
> meng
> to: linux-ima-user
> 12/14/2008 08:53 PM
>
> Dear Sailer,
> I know your email and you from your paper on IMA and the website of
> IBM on IMA. IMA is very interesting and is very similar to TNC, I think.
> Would you be kind to explain some questions on IMA for me?
> 1. You said that "we measure executables only the first time and
> after they changed". My question is how the host system knows the
> file has changed. Maybe this is what you named "dirty flag". If a
> file has changed in any way, the system really could know the file
> has changed?

Yes. The dirty flag in the inode is 'reset' when the file is opened with
'write' permission. We only keep this state until the inode is leaving the
file system inode cache.

> 2. You said the remote system can ask for the measurement list and
> the signed aggregate TPM value (PCR). My question is whether an
> application on the host system can ask for the measurement list and
> the signed PCR. If yes, how to do it? By tpm_quote and tpm_eventlog or alike?
> Anyway thank you.

Sure, local applications can read the measurement list from
/sys/kernel/security/ima/ascii_runtime_measurements and get a quote from the
local TPM. There are libraries that come with TrouSerS
(http://sourceforge.net/projects/trousers) that can be used as well.

Greetings
Reiner

> best regards,
> sincerely Meng

_______________________________________________
Linux-ima-user mailing list
Lin...@li...
https://lists.sourceforge.net/lists/listinfo/linux-ima-user
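As an added example (not part of the thread above, and not IMA or TrouSerS code), here is what a local verifier does with the two things Reiner names: it parses the classic "ima" template lines from ascii_runtime_measurements, replays the PCR 10 extend chain from the template hashes, and checks that the recorded file hash and path actually produce each template hash, so that a quote can be compared against the list. It assumes the original IMA layout (SHA-1, template hash = SHA1(file hash || path NUL-padded to 256 bytes), violation entries logged with a zero digest while the PCR was extended with 0xff bytes); the sample entries are constructed, not taken from a real system.

```python
import hashlib

# Classic "ima" template line: "<pcr> <template-hash> ima <file-hash> <path>".
# Assumption (original IMA design): template hash = SHA1(file_hash || path
# NUL-padded to NAME_LEN bytes), and PCR 10 is extended with the template hash.
NAME_LEN = 256
PCR_START = b"\x00" * 20
ZERO_DIGEST = "0" * 40

def template_hash(file_hash_hex: str, path: str) -> bytes:
    name = path.encode().ljust(NAME_LEN, b"\x00")[:NAME_LEN]
    return hashlib.sha1(bytes.fromhex(file_hash_hex) + name).digest()

def make_line(file_hash_hex: str, path: str) -> str:
    # Builds one self-consistent constructed sample entry.
    return f"10 {template_hash(file_hash_hex, path).hex()} ima {file_hash_hex} {path}"

# Constructed sample list: boot aggregate, one binary, one open-writers violation.
SAMPLE = "\n".join([
    make_line("a" * 40, "boot_aggregate"),
    make_line("b" * 40, "/bin/bash"),
    f"10 {ZERO_DIGEST} ima {ZERO_DIGEST} /tmp/open-writers",
])

def parse_measurements(text: str) -> list:
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pcr, thash, tname, fhash, path = line.split(maxsplit=4)
        entries.append({"pcr": int(pcr), "template_hash": thash,
                        "template": tname, "file_hash": fhash, "path": path})
    return entries

def extend(pcr: bytes, digest: bytes) -> bytes:
    return hashlib.sha1(pcr + digest).digest()

def pcr_aggregate(entries: list) -> str:
    """Replay PCR 10 from the template hashes; returns the expected hex value."""
    pcr = PCR_START
    for e in entries:
        d = bytes.fromhex(e["template_hash"])
        # A violation is listed with a zero digest, but the kernel extended
        # the PCR with 0xff bytes, so the replay must do the same.
        pcr = extend(pcr, b"\xff" * 20 if d == b"\x00" * 20 else d)
    return pcr.hex()

def check_template_hashes(entries: list) -> list:
    """Paths whose file-hash/path fields do not reproduce the template hash."""
    return [e["path"] for e in entries if e["template_hash"] != ZERO_DIGEST
            and template_hash(e["file_hash"], e["path"]).hex() != e["template_hash"]]

def verify_list(text: str, quoted_pcr10_hex: str) -> bool:
    entries = parse_measurements(text)
    return pcr_aggregate(entries) == quoted_pcr10_hex and not check_template_hashes(entries)
```

Note that editing a path or file hash in the list leaves the replayed PCR unchanged, because only the template hash is extended; the per-entry recomputation in check_template_hashes is what catches that kind of tampering.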