Subject: Re: verified executable kernel modification committed
To: Brett Lymn <blymn@baesystems.com.au>
From: Ceri Storey <cez@mrtall.compsoc.man.ac.uk>
List: current-users
Date: 10/31/2002 09:55:15
On Thu, Oct 31, 2002 at 12:39:29PM +1030, Brett Lymn wrote:
> On Wed, Oct 30, 2002 at 09:26:34AM -0500, Perry E. Metzger wrote:
> >
> > What prevents them from also altering the fingerprints?
> >
>
> either chflags or ro media. To be honest, this is part that needs
> work. The loading of the fingerprints is something I consider that
> needs work to improve the security of the mechanism.
This is why I'm planning on using digital signatures in my project. I
know it's going to be slow, but that's just one challenge :)
--
Ceri Storey <cez@compsoc.man.ac.uk>