| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Jun 2011 18:37:53 -0400 From: Mimi Zohar <zohar@...ux.vnet.ibm.com> To: Ryan Ware <ware@...ux.intel.com> Cc: "linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, James Morris <jmorris@...ei.org>, David Safford <safford@...son.ibm.com>, Andrew Morton <akpm@...ux-foundation.org>, Greg KH <greg@...ah.com>, Dmitry Kasatkin <dmitry.s.kasatkin@...il.com> Subject: Re: [PATCH v7 00/16] EVM On Thu, 2011-06-30 at 14:06 -0700, Ryan Ware wrote: > Glad to see this going in Mimi! Looking forward to enabling this in our > MeeGo kernels. > > Ryan I wish. As far as I'm aware, EVM hasn't been upstreamed. The good news is that the ecryptfs encrypted-key patches are now in the security-testing tree. thanks, Mimi > On 6/29/11 12:50 PM, "Mimi Zohar" <zohar@...ux.vnet.ibm.com> wrote: > > >Discretionary Access Control(DAC) and Mandatory Access Control(MAC) can > >protect the integrity of a running system from unauthorized changes. When > >these protections are not running, such as when booting a malicious OS, > >mounting the disk under a different operating system, or physically moving > >the disk to another system, an "offline" attack is free to read and write > >file data/metadata. > > > >...snip... > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists