| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130116215551.GB4222@redhat.com> Date: Wed, 16 Jan 2013 16:55:52 -0500 From: Vivek Goyal <vgoyal@...hat.com> To: Mimi Zohar <zohar@...ux.vnet.ibm.com> Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, linux-kernel@...r.kernel.org, pjones@...hat.com, hpa@...or.com, dhowells@...hat.com, jwboyer@...hat.com, Dmitry Kasatkin <dmitry.kasatkin@...el.com>, Andrew Morton <akpm@...ux-foundation.org>, linux-security-module@...r.kernel.org, Ryan Ware <ryan.r.ware@...el.com> Subject: Re: [PATCH 2/3] binfmt_elf: Verify signature of signed elf binary On Wed, Jan 16, 2013 at 03:25:57PM -0500, Mimi Zohar wrote: [..] > > So irrespective of fact how RPM does it. What are basic commands/steps to > > generate signature of a file and how to store it later in an extended > > attribute? > > evmctl calculates and writes out the 'security.evm' and 'security.ima' > extended attribute. The ima-evm-utils package README contains some > directions for getting started. We should probably move this thread to > the linux-ima-user mailing list. Ok, I will go through README file. I think we should still keep this thread on lkml as it is not yet clear whether IMA is sufficient for this requirement or not. Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists