[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Guix and intrusion detection (was Re: Help with writing custom boot-load
|
From: |
Giovanni Biscuolo |
|
Subject: |
Guix and intrusion detection (was Re: Help with writing custom boot-loader configuration) |
|
Date: |
Wed, 05 Jun 2019 20:01:03 +0200 |
Hello Raghav,
Raghav Gururajan <address@hidden> writes:
[...]
> It works. Was curious about other alternatives. Btw, is it possible make guix
> to
> automatically GPG-Sign the "grub.cfg" it generates during "guix system init"
> or
> "guix system reconfigure" ??
I cannot (still) help patching guix this way, but from a security POV
this is interesting, providing you explain what you are trying to
achieve :-)
Anyway:
1. to sign, guix should have a secret key and that key may be easily
stolen (modulo encryption but that's another story...)
2. to verify a list of system admins signatures guix just needs public
keys and that's easy to provide, the not so easy part is patching guix I
guess
3. signature of "grub.cfg" - or other store items - should be done on
*another* machine and items deployed to the host (there is some POC and
custom code around in guix-devel for this)
Could GPG signature *verification* of selected core parts (bootloader,
initrd, kernel... guix itself) of our reproducible system make us
confident that instrusions via physical access to hardware are
automatically detected and notified by guix? [1]
...or I'm exagerating here and Guix already provides a good path to do
effective intrusion detection, even with remote hosts potentially
available to physical instrusion?
Thoughts?
[...]
Thanks! Gio'.
[1] let's call it Trusting Remote Trust problem
--
Giovanni Biscuolo
Xelera IT Infrastructures
signature.asc
Description: PGP signature