diff for duplicates of <1511173252.5979.45.camel@intel.com> diff --git a/a/1.txt b/N1/1.txt index f0a7022..ec0b1a6 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -4,9 +4,9 @@ On Mon, 2017-11-20 at 07:47 +1100, James Morris wrote: > > LSMs are responsible to enforce a security policy at run-time, > > while IMA/EVM protect data and metadata against offline attacks. > -> In my view, IMA can also protect against making an online attack +> In my view, IMA can also protect against making an online attack? > persistent across boots, and that would be the most compelling use of -> it for many general purpose applications. +> it?for many general purpose applications. I do not quite buy that interpretation. If the online attack succeeds in bypassing the run-time checks, for example with a full root exploit, @@ -26,3 +26,9 @@ The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. + + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 6daa5b6..080f663 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -9,16 +9,10 @@ "ref\01510837595.3711.420.camel@linux.vnet.ibm.com\0" "ref\0a88aff89-1e75-9019-4394-640f5fb318da@huawei.com\0" "ref\0alpine.LFD.2.20.1711200746120.25470@localhost\0" - "From\0Patrick Ohly <patrick.ohly@intel.com>\0" - "Subject\0Re: IMA appraisal master plan?\0" + "From\0patrick.ohly@intel.com (Patrick Ohly)\0" + "Subject\0IMA appraisal master plan?\0" "Date\0Mon, 20 Nov 2017 11:20:52 +0100\0" - "To\0James Morris <james.l.morris@oracle.com>" - " Roberto Sassu <roberto.sassu@huawei.com>\0" - "Cc\0Mimi Zohar <zohar@linux.vnet.ibm.com>" - Matthew Garrett <mjg59@google.com> - linux-integrity <linux-integrity@vger.kernel.org> - linux-security-module <linux-security-module@vger.kernel.org> - " Silviu Vlasceanu <silviu.vlasceanu@huawei.com>\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Mon, 2017-11-20 at 07:47 +1100, James Morris wrote:\n" @@ -27,9 +21,9 @@ "> > LSMs are responsible to enforce a security policy at run-time,\n" "> > while IMA/EVM protect data and metadata against offline attacks.\n" "> \n" - "> In my view, IMA can also protect against making an online attack \n" + "> In my view, IMA can also protect against making an online attack?\n" "> persistent across boots, and that would be the most compelling use of\n" - "> it for many general purpose applications.\n" + "> it?for many general purpose applications.\n" "\n" "I do not quite buy that interpretation. If the online attack succeeds\n" "in bypassing the run-time checks, for example with a full root exploit,\n" @@ -48,6 +42,12 @@ "The content of this message is my personal opinion only and although\n" "I am an employee of Intel, the statements I make here in no way\n" "represent Intel's position on the issue, nor am I authorized to speak\n" - on behalf of Intel on this matter. + "on behalf of Intel on this matter.\n" + "\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -cf0aba553dc5cbaaa8d0e52b4e3e56f534b9755e488fe75246c22f056242baa3 +f497b91b4195222f710332c54f37ad4c707d96333b60d2428dea3d13e0102338
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.