*** UNIX MANUAL PAGE BROWSER ***

A Nergahak database for man pages research.

Navigation

Location: Home > NetBSD > Section 5 > veriexec
Quick Actions: [Home] [Up]

Directory Browser

1Browse 4.4BSD4.4BSD
1Browse Digital UNIXDigital UNIX 4.0e
1Browse FreeBSDFreeBSD 14.3
1Browse MINIXMINIX 3.4.0rc6-d5e4fc0
1Browse NetBSDNetBSD 10.1
1Browse OpenBSDOpenBSD 7.7
1Browse UNIX v7Version 7 UNIX
1Browse UNIX v10Version 10 UNIX

Manual Page Search

Manual Page Result

0 Command: veriexec | Section: 5 | Source: NetBSD | File: veriexec.5
VERIEXEC(5) FreeBSD File Formats Manual VERIEXEC(5) NAME veriexec - format for the Veriexec signatures file DESCRIPTION Veriexec loads entries to the in-kernel database from a file describing files to be monitored and the type of monitoring. This file is often referred to as the `signatures database' or `signatures file'. The signatures file can be easily created using veriexecgen(8). SIGNATURES DATABASE FORMAT The signatures database has a line based structure, where each line has several fields separated by white-space (space, tabs, etc.) taking the following form: path type fingerprint flags The description for each field is as follows: path The full path to the file. White-space characters can be escaped if prefixed with a `\'. type Type of fingerprinting algorithm used for the file. Requires kernel support for the specified algorithm. List of fingerprinting algorithms supported by the kernel can be obtained by using the following command: # sysctl kern.veriexec.algorithms fingerprint The fingerprint for the file. Can (usually) be generated using the following command: % cksum -a <algorithm> <file> flags Optional listing of entry flags, separated by a comma. These may include: direct Allow direct execution only. Execution of a program is said to be "direct" when the program is invoked by the user (either in a script, manually typing it, etc.) via the execve(2) syscall. indirect Allow indirect execution only. Execution of a program is said to be "indirect" if it is invoked by the kernel to interpret a script ("hash-bang"). file Allow opening the file only, via the open(2) syscall (no execution is allowed). untrusted Indicate that the file is located on untrusted storage and its fingerprint evaluation status should not be cached, but rather re-calculated each time it is accessed. Fingerprints for untrusted files will always be evaluated on load. To improve readability of the signatures file, the following aliases are provided: program An alias for "direct". interpreter An alias for "indirect" script An alias for both "direct" and "file". library An alias for both "file" and "indirect". If no flags are specified, "direct" is assumed. Comments begin with a `#' character and span to the end of the line. SEE ALSO veriexec(4), security(7), veriexec(8), veriexecctl(8), veriexecgen(8) HISTORY veriexec first appeared in NetBSD 2.0. AUTHORS Brett Lymn <[email protected]> Elad Efrat <[email protected]> FreeBSD 14.1-RELEASE-p8 March 18, 2011 FreeBSD 14.1-RELEASE-p8

Navigation Options

Actions: [Home] [Back] [New Search]
Browse: [Browse NetBSD] [Section 5]
Print/Export: [Print] [Raw Text]
Date: 2025-08-18 Time: 21:41:53 SAST |
Page generated in 0.0302 seconds
Nergahak ManpageViewer v1.4
[Back to Top]