[PATCH v2 3/4] ima: fail signature verification based on policy
Serge E. Hallyn
serge at hallyn.com
Wed Feb 28 15:30:15 UTC 2018
Quoting Mimi Zohar (zohar at linux.vnet.ibm.com):
> On Tue, 2018-02-27 at 16:35 -0600, Serge E. Hallyn wrote:
> > Quoting Mimi Zohar (zohar at linux.vnet.ibm.com):
> > > This patch addresses the fuse privileged mounted filesystems in
> > > environments which are unwilling to accept the risk of trusting the
> > > signature verification and want to always fail safe, but are for
> > > example using a pre-built kernel.
> > >
> > > This patch defines a new builtin policy "unverifiable_sigs", which can
> >
> > How about recalc_unverifiable_sigs?
>
> Cute, I really like that name, but in this case we're failing the
> signature verification.
>
> > It's long, but unverifiable_sigs
> > is not clear about whether the intent is to accept or recalculate them.
> >
> > (or fail_unverifiable_sigs like the flag)
>
> Could we abbreviate it to "fail_usigs"? Or perhaps allow both
> "fail_unverifiable_sigs" and "fail_usigs".
That sounds good. Or fail_unverified? But so long as 'fail' is somehow
clearly implied by the name.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list