Re: veriexec: read from stdin

To: Alexander Nasonov <alnsn%yandex.ru@localhost>, tech-security%netbsd.org@localhost
Subject: Re: veriexec: read from stdin
From: Sevan Janiyan <venture37%geeklan.co.uk@localhost>
Date: Sun, 28 Apr 2019 01:41:58 +0100

On 27/04/2019 23:24, Alexander Nasonov wrote:
> I wrote a patch that adds the -i option to read from stdin but I
> don't want to rush things before I hear opinions.

No objection to the functionality, but I'm working on a patch from
bin/34773 which adds newer flags to veriexecgen where -i and -I are used
for handling interpreters.
See http://mail-index.netbsd.org/tech-userlevel/2006/10/09/0002.html for
a description.

> Is it a good approach, does precalculating checksums at build time
> make sense, etc.

sure but now we need tamper resistance for the tamper resistance
mechanism's database (signed builds?) ;)

Sevan

Follow-Ups:
- Re: veriexec: read from stdin
  - From: Alexander Nasonov

References:
- veriexec: read from stdin
  - From: Alexander Nasonov

Prev by Date: Re: veriexec: read from stdin
Next by Date: Re: veriexec: read from stdin
Previous by Thread: Re: veriexec: read from stdin
Next by Thread: Re: veriexec: read from stdin
Indexes:

Home | Main Index | Thread Index | Old Index