-
'Signing' a compressed file system for app verification
A friend asked me, "How do you know that someone didn't replace your KNOPPIX compressed file system with a tainted one containing malware and such?"
I do verify portions of systems by appending a MD5 hash (plus a bit of arcania) to the end of some executables so that I can later verify they are the ones I supplied. The executables don't mind the extra 32 bytes,
But the clooped file system DOES seem to mind. I only hash as much as is needed to detect changes. I then append the MD5 hash and a time stamp to the end of the file.
I have been through the sourcecode in "cloop-2"; and not found anything that explicitly compares the end of compressed data with the file size. And I have compressed FSs with odd byte sizes, so there is no specific size multiple. So why the failures?
BillS
This is the result of loading and mounting a 'signed' compressed file.
Code:
root@lp2:/tmp# losetup /dev/cloop2 /tmp/KNOPPIX_NOV_29_04
root@lp2:/tmp# losetup -a
root@lp2:/tmp# head -4 KNOPPIX_NOV_29_04
#!/bin/sh
#V2.0 Format
insmod cloop.o file=$0 && mount -r -t iso9660 /dev/cloop $1
exit $?
root@lp2:/tmp# mount -r -t iso9660 /dev/cloop2 /mnt/test
mount: wrong fs type, bad option, bad superblock on /dev/cloop2,
or too many mounted file systems
And then the same file without the signature (simply lacking the 32 bytes):
Code:
root@lp2:/tmp# losetup /dev/cloop /extra/CompressedFS/KNOPPIX_NOV_29_04
root@lp2:/tmp# losetup -a
root@lp2:/tmp# mount -r -t iso9660 /dev/cloop /mnt/test
root@lp2:/tmp# losetup -a
root@lp2:/tmp# ls /mnt/test
bin cdrom etc home mnt proc sbin tmp var
boot dev floppy lib none root sys usr vmlinuz
root@lp2:/tmp# cmp KNOPPIX_NOV_29_04 /extra/CompressedFS/KNOPPIX_NOV_29_04
cmp: EOF on /extra/CompressedFS/KNOPPIX_NOV_29_04
Similar Threads
-
By insolit in forum Customising & Remastering
Replies: 2
Last Post: 03-04-2006, 01:08 AM
-
By sydney075 in forum Customising & Remastering
Replies: 3
Last Post: 01-27-2006, 07:44 PM
-
By grzegorz in forum Customising & Remastering
Replies: 0
Last Post: 02-19-2004, 05:17 AM
-
By Mongrol in forum Customising & Remastering
Replies: 4
Last Post: 07-02-2003, 08:27 AM
-
By freyley in forum Hdd Install / Debian / Apt
Replies: 1
Last Post: 01-31-2003, 09:21 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Dell PowerEdge R630 Server 3.00Ghz 8-Core 256GB 10x NEW 960GB SSD Rails
$1749.95
Dell PowerEdge R630 Server 3.50Ghz 8-Core 192GB 10x NEW 2TB SSD H730P Rails
$2919.30
Dell PowerEdge R730 Server 3.50Ghz 8-Core 32GB 9x NEW 2TB SSD HBA330 Rails
$2522.35
FAST Dell TOUCHSCREEN 8th Gen Intel Quad Core 16GB RAM Pick SSD Wi-Fi BT Win11
$199.00
Intel - Core i9-13900K 13th Gen 24 cores 8 P-cores + 16 E-cores 36M Cache, 3 ...
$689.99
Intel - Core i9-12900K Desktop Processor 16 (8P+8E) Cores up to 5.2 GHz Unloc...
$619.99
Intel - Core i7-13700K 13th Gen 16 cores 8 P-cores + 8 E-cores 30M Cache, 3.4...
$489.99
Intel - Core i7-12700K Desktop Processor 12 (8P+4E) Cores up to 5.0 GHz Unloc...
$419.99
ALLEGIANCE Desktop Computer Gaming PC: Intel 8 Core 128GB RAM, 2TB SSD, GeForce
$687.99
Lenovo Thinkcentre M920Q Intel Core i5-8th gen 16GB 256GB NVMe SSD Windows11 Pro
$165.00