signing --load extensions ?

Werner Koch wk at isil.d.shuttle.de
Tue Sep 22 17:47:41 CEST 1998


Walter Koch <w.koch at phinware.de> writes:

> does it make sense to sign the loadable extension code? 
> 
> Otherwise it would be easy to put a trojan extension named e.g. 
> "tiger" instead of the true one into the extension "path"?

No.  You would also have to sign /lib/libc*, the gnupg executables
and of course the kernel (and the Xserver and ....).  

To avoid trojan horses, the program should be installed with owner root
and the sysadmin should install tripwire to detect changed code.


Werner 
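
The mitigation described in the reply above (install with owner root, then detect changed code) can be sketched as follows. This is an added example, not part of the original message and not code from GnuPG or Tripwire; `snapshot` and `audit` are hypothetical helper names, and the extension directory is whatever path the caller passes.

```python
import hashlib
import os
import stat

UNSAFE = stat.S_IWGRP | stat.S_IWOTH  # writable by group or by everyone


def snapshot(ext_dir):
    """Map each regular file under ext_dir to its SHA-256 digest."""
    snap = {}
    for root, _dirs, files in os.walk(ext_dir):
        for name in files:
            path = os.path.join(root, name)
            if not stat.S_ISREG(os.lstat(path).st_mode):
                continue  # only regular files are hashed; symlinks are skipped
            with open(path, "rb") as fh:
                snap[os.path.relpath(path, ext_dir)] = hashlib.sha256(fh.read()).hexdigest()
    return snap


def audit(ext_dir, baseline, owner_uid=0):
    """Return sorted (finding, relative path) pairs; an empty list means clean."""
    findings = []
    current = snapshot(ext_dir)
    for rel, digest in current.items():
        if rel not in baseline:
            findings.append(("added", rel))
        elif baseline[rel] != digest:
            findings.append(("modified", rel))
    findings += [("removed", rel) for rel in baseline if rel not in current]
    # Ownership and mode checks cover the directory itself ("."), because a
    # writable directory lets a file be swapped even if the file is read-only.
    for rel in ["."] + sorted(current):
        st = os.lstat(os.path.join(ext_dir, rel))
        if st.st_uid != owner_uid:
            findings.append(("wrong-owner", rel))
        if st.st_mode & UNSAFE:
            findings.append(("writable-by-others", rel))
    return sorted(findings)
```

The baseline returned by `snapshot` is only useful if it is kept where the account being defended against cannot rewrite it, for example on read-only media.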




