Early boot, activation, upgrades

Ivan Krstić krstic at solarsail.hcs.harvard.edu
Sat Jul 14 06:08:05 EDT 2007


On Jul 10, 2007, at 5:54 PM, C. Scott Ananian wrote:
> Unless we're actually going to do a full cryptographic authentication
> of the entire FS image at every boot, the kernel checking is just
> security theater.

I missed this message when originally following the thread. This is  
incorrect. Verifying the integrity of the kernel and the initramfs is  
necessary and sufficient for guaranteeing that the anti-theft daemon  
gets started in a container that cannot be killed. Making theft
non-trivial is the entire point behind the crypto dance; if that is met,
we don't care whether the rest of the FS is modified.

--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org

