> > > Do we need public key algorithms?
> > I think that is application-specific and uncritical w.r.t speed and
> > therefore belongs to userspace.
> Unless we have PK signed modules. Then it gets real iffy.
The verification should still be done by "insmod". On a properly set
up system, compromising that should be no easier than compromising the
kernel and thus "insmod" is one of the things that are ultimately
trusted (there is other such stuff in userspace, like "init").
Olaf
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Feb 15 2000 - 21:00:14 EST