From: Mimi Zohar <zohar@linux.ibm.com>
To: Vitaly Chikunov <vt@altlinux.org>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
linux-integrity@vger.kernel.org
Subject: Re: [PATCH 1/2] ima-evm-utils: Do not allow fallback and unknown hash algos
Date: Thu, 25 Jul 2019 10:29:02 -0400 [thread overview]
Message-ID: <1564064942.4245.118.camel@linux.ibm.com> (raw)
In-Reply-To: <20190725140832.lyfchzy2i6s5njnk@altlinux.org>
On Thu, 2019-07-25 at 17:08 +0300, Vitaly Chikunov wrote:
> Mimi,
>
> On Thu, Jul 25, 2019 at 09:44:02AM -0400, Mimi Zohar wrote:
> > On Thu, 2019-07-25 at 09:13 +0300, Vitaly Chikunov wrote:
> > > Falling back and permissiveness could have security implications.
> > >
> > > Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
> >
> > Thanks! Please update the README, removing "(default)", and rebase on
> > top of the "param" changes.
>
> In my understanding this text in README should not be changed, since not
> specifying `-a' is the same as `-a sha1', so default holds. Code
> handling this is not changed (which is in src/libimaevm.c:87).
Agreed
>
> What I changed is some other unexpected switching to sha1. Like when
> user specify wrong hash name in `-a'.
>
> So I will not resend this (as there is no changes). And I want to rebase
> `param' & `imaevm_' prefix patch over these two commits.
That works.
thanks,
Mimi
prev parent reply other threads:[~2019-07-25 14:29 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-25 6:13 [PATCH 1/2] ima-evm-utils: Do not allow fallback and unknown hash algos Vitaly Chikunov
2019-07-25 6:13 ` [PATCH 2/2] ima-evm-utils: Show used hash algo in verbose mode Vitaly Chikunov
2019-07-25 13:49 ` Mimi Zohar
2019-07-25 13:44 ` [PATCH 1/2] ima-evm-utils: Do not allow fallback and unknown hash algos Mimi Zohar
2019-07-25 14:08 ` Vitaly Chikunov
2019-07-25 14:29 ` Mimi Zohar [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1564064942.4245.118.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=linux-integrity@vger.kernel.org \
--cc=vt@altlinux.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.