Kernel Level File Integrity Checker report #10

Efstratios Karatzas gpf.kira at gmail.com
Tue Jul 31 18:29:57 UTC 2012


During week #10:

* /sbin/pefs 'nameid': prints the name id (MAC) for a file in a pefs
filesystem. This identifier is used instead of the inode number when looking up
files in .pefs.checksum, so it should prove useful when the user has to decipher
cryptic error messages.

Next tasks on the TODO list:

After a talk with my mentor, verifying .pefs.checksum at kernel level is
pushed to the end of my TODO list, since there is no asymmetric crypto
support in the FreeBSD kernel and I would have to port parts from a
different library or module to the FreeBSD kernel.
There are a few minor changes that need to be made to the /sbin/pefs
codebase, but for the moment I'm switching to the last major TODO of my
project, which is altering securelevel and perhaps rtld so that only
executables with the schg flag set are allowed execution.

-- 

Efstratios "GPF" Karatzas

