Veriexec
Veriexec is a file-signing scheme for the NetBSD operating system.

It introduces a special device node (/dev/veriexec) through which a signature list can be loaded into the kernel. The list contains file paths, together with hashes and an expected file type ("DIRECT" for executables, "INDIRECT" for scripts and "FILE" for shared libraries and regular files). The kernel then verifies the contents of the signed files against their hashes just before they are opened in an exec or open system call.

When Veriexec is enabled at level 0, the kernel will simply warn about signature mismatches. At level 1, it will prevent access to mismatched files. At level 2, it also prevents signed files from being overwritten or deleted. At the highest level, 3, the kernel will not allow unsigned files to be accessed at all.
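As an added illustration (not NetBSD's code and not part of the original article), the following Python models the policy described above: a constructed path/hash/type list is loaded, a file is hashed when it is opened or executed, and the decision at each of levels 0 to 3 follows the rules just given. The one-entry-per-line layout, the use of SHA-256 and the operation names are assumptions of this model, not the real /dev/veriexec interface.

```python
import hashlib, os, tempfile

def parse_signature_list(text):
    """Parse a constructed 'path hash type' list into {path: (hash, type)}.
    One whitespace-separated entry per line is assumed for this model."""
    entries = {}
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) != 3 or fields[2] not in ("DIRECT", "INDIRECT", "FILE"):
            raise ValueError(f"malformed entry: {raw!r}")
        entries[fields[0]] = (fields[1].lower(), fields[2])
    return entries

def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def decide(entry, actual_digest, op, level):
    """Kernel decision for one op ('open', 'exec', 'write', 'unlink') at level 0-3.
    entry is (expected_hash, type) or None for an unsigned file."""
    if entry is None:
        return "deny" if level >= 3 else "allow"  # level 3: unsigned files refused
    expected, _ftype = entry
    if op in ("write", "unlink"):
        return "deny" if level >= 2 else "allow"  # level 2+: signed files immutable
    if actual_digest == expected:
        return "allow"
    return "warn" if level == 0 else "deny"  # level 0 only logs a mismatch

def check_access(entries, path, op, level):
    """Hash a real file at open/exec time, as the kernel does, then decide."""
    entry = entries.get(path)
    digest = sha256_file(path) if entry and op in ("open", "exec") else None
    return decide(entry, digest, op, level)

def demo():
    """Sign one script, tamper with it, and collect the decision at each level."""
    with tempfile.TemporaryDirectory() as d:
        signed, rogue = os.path.join(d, "ls"), os.path.join(d, "rogue")
        for p in (signed, rogue):
            with open(p, "wb") as f:
                f.write(b"#!/bin/sh\necho hello\n")
        entries = parse_signature_list(f"{signed} {sha256_file(signed)} INDIRECT\n")
        intact = [check_access(entries, signed, "exec", lvl) for lvl in range(4)]
        with open(signed, "ab") as f:  # modify the signed file after signing
            f.write(b"echo tampered\n")
        tampered = [check_access(entries, signed, "exec", lvl) for lvl in range(4)]
        unsigned = [check_access(entries, rogue, "exec", lvl) for lvl in range(4)]
        return {"intact": intact, "tampered": tampered, "unsigned": unsigned}
```

Running demo() shows the intact script allowed at every level, the tampered one only warned about at level 0 and refused from level 1 up, and the unsigned script refused only at level 3.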
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.