diff for duplicates of <1510244236.4484.172.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index dec897c..77534c6 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -5,7 +5,7 @@ On Thu, 2017-11-09 at 09:47 -0500, Matthew Garrett wrote: > trustworthy at this point even in the absence of signatures. Assuming the initramfs is signed, then yes the rootfs files would be -trusted. rootfs can still access files from real root, which is where +trusted. ?rootfs can still access files from real root, which is where policies are normally stored. > It seems @@ -17,3 +17,8 @@ policies are normally stored. IMA can and should be configured to require signed policies. Mimi + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 5ef55b1..aa5f1a0 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -6,17 +6,10 @@ "ref\0CACdnJut0-4k97m0TM-Zd4jLPTraBe6_JoE-eznFYKwbPEmNS0Q@mail.gmail.com\0" "ref\0210975fe-527c-df2f-5a8a-9aca31e9246a@huawei.com\0" "ref\0CACdnJusj5aHHEJ2zY6UonK-XG_=P4Z09EPMZVKoXYUMZoUdHQQ@mail.gmail.com\0" - "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" - "Subject\0Re: [PATCH v2 00/15] ima: digest list feature\0" + "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" + "Subject\0[PATCH v2 00/15] ima: digest list feature\0" "Date\0Thu, 09 Nov 2017 11:17:16 -0500\0" - "To\0Matthew Garrett <mjg59@google.com>" - " Roberto Sassu <roberto.sassu@huawei.com>\0" - "Cc\0linux-integrity <linux-integrity@vger.kernel.org>" - linux-security-module@vger.kernel.org - linux-fsdevel@vger.kernel.org - linux-doc@vger.kernel.org - linux-kernel@vger.kernel.org - " silviu.vlasceanu@huawei.com\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Thu, 2017-11-09 at 09:47 -0500, Matthew Garrett wrote:\n" @@ -26,7 +19,7 @@ "> trustworthy at this point even in the absence of signatures.\n" "\n" "Assuming the initramfs is signed, then yes the rootfs files would be\n" - "trusted. rootfs can still access files from real root, which is where\n" + "trusted. ?rootfs can still access files from real root, which is where\n" "policies are normally stored.\n" "\n" "> It seems\n" @@ -37,6 +30,11 @@ "\n" "IMA can and should be configured to require signed policies.\n" "\n" - Mimi + "Mimi\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -2c27cc55f91e55c57773cd24a3e75a8e953a9a14227798d1dbcae5d3ab000fd4 +077fa640b2d0371db14d8a3120646393605265b047467e95413c0ab283cfd078
diff --git a/a/1.txt b/N2/1.txt index dec897c..72273dc 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -5,7 +5,7 @@ On Thu, 2017-11-09 at 09:47 -0500, Matthew Garrett wrote: > trustworthy at this point even in the absence of signatures. Assuming the initramfs is signed, then yes the rootfs files would be -trusted. rootfs can still access files from real root, which is where +trusted. rootfs can still access files from real root, which is where policies are normally stored. > It seems diff --git a/a/content_digest b/N2/content_digest index 5ef55b1..64bfd4a 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -26,7 +26,7 @@ "> trustworthy at this point even in the absence of signatures.\n" "\n" "Assuming the initramfs is signed, then yes the rootfs files would be\n" - "trusted. rootfs can still access files from real root, which is where\n" + "trusted. \302\240rootfs can still access files from real root, which is where\n" "policies are normally stored.\n" "\n" "> It seems\n" @@ -39,4 +39,4 @@ "\n" Mimi -2c27cc55f91e55c57773cd24a3e75a8e953a9a14227798d1dbcae5d3ab000fd4 +4d1002bef69bb4bca792c35a286579fe7679114b21f7999dc26663abc57bcfe0
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.