On Thu, Oct 25, 2012 at 02:10:01AM -0400, Mimi Zohar wrote: [..] > IMA-appraisal verifies the integrity of file data, while EVM verifies > the integrity of the file metadata, such as LSM and IMA-appraisal > labels. Both 'security.ima' and 'security.evm' can contain digital > signatures.
But the private key for creating these digital signature needs to be on the target system? Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/