[PATCH v2 3/4] ima: fail signature verification based on policy
zohar at linux.vnet.ibm.com
Fri Mar 2 21:10:15 UTC 2018
On Wed, 2018-02-28 at 09:30 -0600, Serge E. Hallyn wrote:
> Quoting Mimi Zohar (zohar at linux.vnet.ibm.com):
> > On Tue, 2018-02-27 at 16:35 -0600, Serge E. Hallyn wrote:
> > > Quoting Mimi Zohar (zohar at linux.vnet.ibm.com):
> > > > This patch addresses the fuse privileged mounted filesystems in
> > > > environments which are unwilling to accept the risk of trusting the
> > > > signature verification and want to always fail safe, but are for
> > > > example using a pre-built kernel.
> > > >
> > > > This patch defines a new builtin policy "unverifiable_sigs", which can
> > >
> > > How about recalc_unverifiable_sigs?
> > Cute, I really like that name, but in this case we're failing the
> > signature verification.
> > > It's long, but unverifiable_sigs
> > > is not clear about whether the intent is to accept or recalculate them.
> > >
> > > (or fail_unverifiable_sigs like the flag)
> > Could we abbreviate it to "fail_usigs"? Or perhaps allow both
> > "fail_unverifiable_sigs" and "fail_usigs".
> That sounds good. Or fail_unverified? But so long as 'fail' is somehow
> clearly implied by the name.
None of these names mean anything to anyone but us. How about
"fail_safe"? That at least has some meaning to some people.
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive