tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel

On Mon, 18 Oct 2010 14:51:03 +0200
Jean-Yves Migeon <> wrote:

> *lurker mode off*
> IIRC, part of agc work with netpgp is to integrate signature verification
> within kernel.
> *lurker mode on*

Thanks, that's nice to know, I didn't look at netpgp yet but might
eventually check if its RSA implementation (if any) can eventually be
worked into common/lib/libc/rsa, which would be a major step forward to
allow the kernel to verify signatures.

I started writing a task list to have an idea of what needs to be done,
and it's not trivial
I might give an implementation a try during my next vacations, but no
timeline or guarantee (disclaimer!).  Motivation is also a factor as my
current (very simple) solution to the various MODULAR issues I've faced
(mostly maintenance related) has been so far to use monolithic kernels.

Home | Main Index | Thread Index | Old Index