Re: [PATCH RFC] kernel build: enable use of password-protected signingkeys

From: Michal Marek
Date: Mon Feb 10 2014 - 08:51:23 EST

Next message: Ville Syrjälä: "Re: [PATCH v4 00/11] Enabling 180 degree rotation for sprite andcrtc planes"
Previous message: Paul Bolle: "Re: [PATCH 27/28] Remove ARC_HAS_COH_RTSC"
In reply to: Emily Maier: "[PATCH RFC] kernel build: enable use of password-protected signingkeys"
Next in thread: Michal Marek: "Re: [PATCH RFC] kernel build: enable use of password-protected signing keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9.2.2014 23:38, Emily Maier wrote:
> Currently, the module signing script assumes that the private key is
> not password-protected. This patch makes it slightly more secure by
> allowing it to be passed in on the command line as "make
> modules_install MOD_PASSWORD=abc". It's vulnerable to snooping during
> the build of course, but so is an unprotected signing key.

The key's permissions can be set to 0600, while the make commandline is
visible in ps.

Michal
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ville Syrjälä: "Re: [PATCH v4 00/11] Enabling 180 degree rotation for sprite andcrtc planes"
Previous message: Paul Bolle: "Re: [PATCH 27/28] Remove ARC_HAS_COH_RTSC"
In reply to: Emily Maier: "[PATCH RFC] kernel build: enable use of password-protected signingkeys"
Next in thread: Michal Marek: "Re: [PATCH RFC] kernel build: enable use of password-protected signing keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]