Linux is not free from malware or the threat of targeted attacks, so there are many circumstances where being able to control which executables may run on a system is a benefit. But simply restricting a system to run only whitelisted binaries isn't practical: there are multiple legitimate reasons to run custom binaries locally, and the existence of interpreted languages makes things even more complicated.
This presentation will describe the use of Linux's Integrity Measurement Architecture (IMA) and its support for providing and enforcing binary signatures. It will then describe how this may be integrated with existing security modules to provide a cryptographically enforced policy with fine-grained executable permission levels, making it possible to create a secure Linux environment that still allows local customisation.