Subject: Re: micro-code and PCI
To: None <firstname.lastname@example.org>
From: Chris G. Demetriou <email@example.com>
Date: 07/27/2000 10:19:03
Thor Lancelot Simon <firstname.lastname@example.org> writes:
> Um, because it's almost impossible to do it securely any other way?
uh... so, install them early on in the boot sequence.
if you're truly scared of that:
* you should be more scared of the other possibilities for
insecurity ("hey, i just replaced all of /bin!"), or
* if you've taken the appropriate steps to lock those things
down (i.e., chflags etc.) then you know and can do the identical set
of operations for microcode loaders and files.