On Thu, 2007-11-01 at 12:00 +0000, Darren J Moffat wrote:
> That depends on the policy and who you trust and how you protect the
> trust anchors; but I "security" isn't the only reason for needing module
> loading lockout.
if we could structure the signature key hierarchy correctly (in a way
which permits revocation of the signatures of buggy/insecure modules), I
suspect we could in fact use module signatures to prevent incompatible
modules from loading.
But with both Live Upgrade and ZFS root there's no pressing need to do
in-place updates -- update a copy/clone of the root instead.
- Bill
_______________________________________________
opensolaris-code mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
