On Tue, Mar 09, 2010 at 02:23:13PM -0500, Thor Lancelot Simon wrote: > I want to be able to tell the kernel to mount a device reliably identified > by some kind of unique, symbolic name. I want to be able to load a list > of permissible such names into the kernel while it's running insecure, and > restrict mounting to those and only those when it's running secure.
I don't get it. What kind of devices are you talking about? If the environment is static, you can still use the same identifier as before. If it is not, why do you believe that the device you are dealing with is the one you hoped it is? Joerg
