Ok, it's offtopic here, but I don't think, it is a good idea
to use such policy. Why to protect such thing ??
A good policy is to setup a box and to have a model earning
money on services not on the boxes or the system (linux).
The user can do what ever he/she wants to do, if the user
disconfigured the system, it his personal problem. Or it is
a good idea to do a protection (check) over the configuration.
But the user has to pay for services, C offers ...
With friendly regards
Christoph P.
Patrick Valsecchi wrote:
>
> Hi
>
> My company is working for another company (let call it C) that is going to
> provide Linux boxes to its customers. As C is going to give them free or for a
> small fee, C doesn't want the customers to use the boxes for another purpose
> that the one specified by C.
>
> C doesn't want the user to be able to:
> - run another kernel than the one S provides
> - run executables that have not been signed by authorized developpers or that
> have been modified (signed executables)
> - change or alter the dynamic libraries (signed .so files)
> - have access to the binary of some executables (for avoiding reverse
> engineering)
> - save a file and give the disk to a friend (encrypted files, but I need to
> be fast on read and write, here)
>
> All that by using:
> - a SmartCard
> - a modified kernel
> - a specialised hardware for encryption
> - maybe a modified loader (lilo)
>
> And that mustn't be just simple tricks, we must protect those boxes against
> very skilled hackers.
>
> Is there existing projects on those subjects? Is anybody already worked on it?
>
> Thanks for your help.
>
> ---
> -°) Patrick Valsecchi
> /\\
> _\_v
> ***************************************************************
> Linux Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/smartcard/index.html
> ***************************************************************
--
-------------------------------------------------------
private: [EMAIL PROTECTED]
company: [EMAIL PROTECTED]
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************