Re: apache-scalp.c

["Michael A. Williams" <mike () netxsecure net>]

Hi,

Does apache-scalp.c work against your OpenBSD or FreeBSD system or not.

Either way it would be nice to know that you have some signed_exec code
acting as an additional security layer to stop unauthorized binaries if
not by denial at least then warning of their existence in Real Time.

Our signed_exec kernel patches for FreeBSD and OpenBSD are designed to
stop the installation of root kits on a compromised system, regardless
of the programming mistake or reason resulting in a compromise, the idea
is to not allow a Trojaned binary to execute under the guise of a valid
program, shared library or loadable kernel module.

We have been working on OpenBSD and FreeBSD with intentions to also look
at a GNU/Linux port and believe that there has been work underway for
some time on NetBSD to do something similar.

For more information see http://www.trojanproof.org

Regards, Michael A. Williams.