Re: Linux Firmware Signing
From: Joshua Brindle
Date: Tue Sep 01 2015 - 10:13:07 EST
Paul Moore wrote:
<snip>
Yes, there are lots of way we could solve the signed policy format
issue, I just don't have one in mind at this moment. Also, to be
honest, there are enough limitations to signing SELinux policies that
this isn't very high onmy personal SELinux priority list.
The fact that there are so many userspace specific parts of the policy
that never make it into the kernel precludes any meaningful verification
anyway.
And SELinux already has a mechanism for raising the integrity of a
process to do things like signature checking in userspace, the domain
transition. If someone wants validation of the SELinux policy they just
need to eliminate every domains ability to load policy except for a
trusted policy loader that does signature checking.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/