[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200702142214.53625.agruen@suse.de>
Date: Wed, 14 Feb 2007 22:14:53 -0800
From: Andreas Gruenbacher <agruen@...e.de>
To: Dave Jones <davej@...hat.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
David Howells <dhowells@...hat.com>,
torvalds@...ux-foundation.org, herbert.xu@...hat.com,
linux-kernel@...r.kernel.org, arjan@...radead.org,
linux-crypto@...r.kernel.org
Subject: Re: [PATCH 0/6] MODSIGN: Kernel module signing
On Wednesday 14 February 2007 21:45, Dave Jones wrote:
> well, the situation for external modules is no worse than usual.
> They still work, they just aren't signed. Which from a distributor point
> of view, is actually a nice thing, as they stick out like a sore thumb
> in oops reports with (U) markers :)
I agree, that's really what should happen. We solve this by marking modules as
supported, partner supported, or unsupported, but in an "insecure" way, so
partners and users could try to fake the support status of a module and/or
remove status flags from Oopses, and cryptography wouldn't save us. We could
try to sign Oopses which I guess you guys are doing. This whole issue hasn't
been a serious problem in the past though, and we generally try to trust
users not to play games on us.
In the end, it all seems to boils down to a difference in philosophy.
Thanks,
Andreas
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists