| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Jan 2015 11:15:17 +0100 From: Alexander Holler <holler@...oftware.de> To: Michal Marek <mmarek@...e.cz>, linux-kernel@...r.kernel.org CC: linux-kbuild@...r.kernel.org, David Howells <dhowells@...hat.com>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [PATCH] modsign: provide option to automatically delete the key after modules were installed Am 23.01.2015 um 10:39 schrieb Alexander Holler: > Am 23.01.2015 um 10:24 schrieb Michal Marek: > >>> + @rm ./signing_key.priv >>> + @rm ./signing_key.x509 >> >> Why do you need to delete the certificate? > > No special reason. > > I'm just not sure (and too lazy to look it up) if it might contain the > private key too (like it's possible in pem files), so I've deleted it too. Or in other words, while .priv leads me to the educated guess that it contains the private key, .x509 doesn't give me an obvious indication what it contains. If someone assures me that .x509 doesn't contain the private key necessary to sign the modules, I'll send a v2 of the patch. Regards, Alexander Holler -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists