Early boot, activation, upgrades
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Sat Jul 14 06:08:05 EDT 2007
On Jul 10, 2007, at 5:54 PM, C. Scott Ananian wrote:
> Unless we're actually going to do a full cryptographic authentication
> of the entire FS image at every boot, the kernel checking is just
> security theater.
I missed this message when originally following the thread. This is
incorrect. Verifying the integrity of the kernel and the initramfs is
necessary and sufficient for guaranteeing that the anti-theft daemon
gets started in a container that cannot be killed. Making theft non-
trivial is the entire point behind the crypto dance; if that is met,
we don't care whether the rest of the FS is modified.
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org