Matthew Garrett <matthewgarr...@google.com> writes:

> * Users auditing their systems can have full kernel-enforced
>   cryptographic assurance that the files they have on disk match the
>   files that Debian shipped. Doing that otherwise would involve you
>   having to take the machine offline.

I would very much like to have this as well. This sort of thing makes it much easier to build out a maintainable FIM system that doesn't require people to constantly whitelist new binaries manually.

> * Even Debian users may (for security or other policy reasons) want to
>   configure systems so that they only run binaries that are provided
>   through some trusted distribution mechanism.

Yes. Consider, for example, a Kerberos KDC or other security-critical system, where you may want to have some automated system for explicitly blessing a subset of the archive and specific versions of packages and not allow anything else.

--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>