a signature verifying command interpreter
Shell Perl Makefile
Latest commit bd1b5c3 Feb 10, 2016 @jschauma merge latest changes from Yahoo
- allow sigsh to just display the script using '-d'
- add '-V' flag to report version information
Permalink
Failed to load latest commit information.
certs merge latest changes from Yahoo Feb 9, 2016
doc merge latest changes from Yahoo Feb 9, 2016
src merge latest changes from Yahoo Feb 9, 2016
test 2015-02-10: Feb 10, 2015
CHANGES 2015-02-10: Feb 10, 2015
LICENSE Initial import from Yahoo! Feb 9, 2011
README Initial import from Yahoo! Feb 9, 2011

README

sigsh is a non-interactive, signature requiring and verifying command
interpreter. More accurately, it is a signature verification wrapper
around a given shell. It reads input in PKCS#7 format from standard in,
verifies the signature and, if the signature matches, pipes the decoded
input into the command interpreter.

Related:
	NetBSD's Veriexec
	MS Powershell ExecutionPolicy
	OpenBSD's "Stephanie" / TPE
		http://packetfactory.openwall.net/projects/stephanie/index.html
	Linux Trusted Path Execution