On Wed, Sep 08, 2010 at 01:46:50PM -0700, Bart Smaalders wrote: > I would rather have a boot environment that cannot be > modified; this is far simpler and doesn't involve a run-time performance > hit.
If the data is on rotating rust, it can be modified. Validated Execution is the project that will leverage a TPM to ensure that you're booting from an unmodified root. (Note that Validated Execution cannot prevent post-boot exploitation of security vulnerabilities; valex can only guarantee that you're booting as-installed bits) Nico -- _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
