On 7/14/07, Ivan Krstić <[EMAIL PROTECTED]> wrote: > On Jul 10, 2007, at 5:54 PM, C. Scott Ananian wrote: > > Unless we're actually going to do a full cryptographic authentication > > of the entire FS image at every boot, the kernel checking is just > > security theater. > I missed this message when originally following the thread. This is > incorrect. Verifying the integrity of the kernel and the initramfs is > necessary and sufficient for guaranteeing that the anti-theft daemon > gets started in a container that cannot be killed. Making theft non- > trivial is the entire point behind the crypto dance; if that is met, > we don't care whether the rest of the FS is modified.
This seems to imply a much beefier initramfs than is currently the case, and one that is invoked on every boot. --scott -- ( http://cscott.net/ ) _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel