Hello,
Am Donnerstag, 2. Oktober 2014 schrieb Ludwig Nussel:
Marcus Meissner schrieb:
On Tue, Sep 30, 2014 at 10:08:02PM +0200, Jan Engelhardt wrote:
On Tuesday 2014-09-30 22:03, Christian Boltz wrote:
I don't know the internals of fipscheck, but IMHO non-executable files (like .fipscheck.hmac) shouldn't be located in /usr/bin/ Marcus, do you want a bugreport about this? ;-)
Where should it be instead? Maybe something in the spirit of /usr/src/debug with fully mirrored directory hierarchy? Or perhaps an xattr associated with the file? (Though that may not outlive security scrutiny.)
It contains a checksum for the binary that is required on start-up. We can hide it somewhere else, but it should be close.
My first thought was /usr/share, but that should be arch-independent.
What about /usr/lib* ?
Maybe it would be possible to store the checksum in some ELF header. So it's invisible to the user and inseparable from the binary. When checking itself the code of course needs to skip this part.
That sounds like the best solution, but it probably also means some implementation effort.
In the mean time we can disable this fips stuff for openSUSE I guess as openSUSE won't be validated for fips anyways, right?
Can you explain what this "fips stuff" is, please?
(If it's useful, I still prefer having a "strange" file in /usr/bin [1] over removing a feature ;-)
Regards,
Christian Boltz
[1] of course having it in another directory is even better