Menu
▾
▴
Re: [Linux-ima-user] Tutorial for IMA!
|
From: hassan k. <has...@gm...> - 2013-12-18 20:18:51
|
I am interested in knowing how the integrity of OS and the applications running on OS are measured. I am aware of trusted-Grub which measure things before OS is loaded. Specifically, I wanted to know, is it the case that user decides for which application's the user wants its integrity to be measured? In other words, can he leave out some applications which he does not want to get measured. >From Measurement I mean that the hashes of some application is calculated. Just digging deeper, what exactly gets measured in applications i.e just binaries or executables? and same question goes for the OS, that which files are hashed, loosely saying, OS will have several files in it i.e libraries, configurations files etc.. thanks, HK On Wed, Dec 18, 2013 at 1:21 AM, Mimi Zohar <zo...@li...>wrote: > On Tue, 2013-12-17 at 21:50 +0100, hassan khan wrote: > > Thanks for the earlier reply regarding installation of IMA. > > > > Is there any tutorial which states how IMA works and how to use it? > > Other than the links that Sven mentioned and Dave Safford's "Integrity > Overview whitepaper", I'm not aware of other documentation/tutorial. > > Basically, IMA extends the trusted boot measurement list with > measurements from the running OS; while IMA-appraisal extends secure > boot's enforcing file data integrity to the OS. > > Andreas Steffen, from the University of Applied Sciences Rapperswil, > gave a talk at LSS2012 called "The Linux Integrity Subsystem and > TPM-based Network Endpoint Assessment". > > What, in particular, are you interested in doing? > > thanks, > > Mimi > > |
