The invention discloses an ELF file identification method based on a code signature. According to ELF file identification, an issuer provides evidence, and a caller (an operating system) verifies the evidence. The evidence of the issuer is the file signature of the issuer, and the signature is made in two steps that firstly, the issuers signs for the file identification, and secondly, the issuer signs for file features. The caller carries out verification in two steps that firstly, the caller extracts the signature of the file identification to verify the file identification and judges whether a file is loaded or not, and secondly, the caller extracts the signature of the file features to verify the file features and judges whether the file is executed or not, wherein the first step is named as admissibility verification, and the second step is named as acceptance verification. By means of the ELF file identification method, identification authentication and feature authentication of the ELF file are achieved, damage caused by illegal invasion and malicious software can be effectively prevented, the operational safety of a computer is ensured, and the optimal balance between the efficiency and safety of the operating system is achieved.