Still on Nostr: I'm a little rusty when it comes to Linux security, and I think I may have asked this ...
I'm a little rusty when it comes to Linux security, and I think I may have asked this before on Twitter but couldn't get a conclusive answer - is there not any measure that one can take to ensure a binary's integrity on a stock normal Linux distro?
It doesn't seem like the concept of code signing exists on Linux beyond the installation packages - what's to stop someone from modifying the binary post-installation without being noticed? I see there's IMA Appraisal, but that doesn't seem to be enabled by default in the Linux kernel.
Published at
2025-04-24 04:46:33