18th Large Installation System Administration Conference — Abstract

Pp. 59–66 of the Proceedings

DigSig: Run-time Authentication of Binaries at Kernel Level

Axelle Apvrille, Trusted Logic; David Gordon, Ericsson; Serge Hallyn, IBM LTC; Makan Pourzandi and Vincent Roy, Ericsson

Abstract

This paper presents a Linux kernel module, DigSig, which helps system administrators control Executable and Linkable Format (ELF) binary execution and library loading based on the presence of a valid digital signature. By preventing attackers from replacing libraries and sensitive, privileged system daemons with malicious code, DigSig increases the difficulty of hiding illicit activities such as access to compromised systems.

DigSig provides system administrators with an efficient tool that mitigates the risk of running malicious code at run time. This tool adds functionality previously unavailable for the Linux operating system: kernel-level RSA signature verification with caching and revocation of signatures.

The Proceedings are published as a collective work, © 2004 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.

 


Last changed: 16 Nov. 2004 aw