We describe the design and implementation of signed
executables for Linux, which provide the following strong
integrity guarantees: the inability to tamper with executables
and the inability to add new unauthorized executables. Unlike
other implementations, ours covers statically and dynamically
linked executables as well as executable scripts. In addition,
we reduced the overhead of signature verification to almost
zero by caching the successful verification results. The
negligible overhead enables signature verification to be used
as a basic building block for other applications, some of which
are described in this paper.
Also UMIACS-TR-2001-4