From owner-freebsd-hackers  Thu Apr 29  3:23:36 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from login-2.eunet.no (login-2.eunet.no [193.71.71.239])
	by hub.freebsd.org (Postfix) with ESMTP id 86F8114C01
	for <hackers@FreeBSD.ORG>; Thu, 29 Apr 1999 03:23:31 -0700 (PDT)
	(envelope-from mbendiks@eunet.no)
Received: from login-1.eunet.no (mbendiks@login-1.eunet.no [193.71.71.238])
	by login-2.eunet.no (8.9.3/8.9.0/GN) with ESMTP id MAA16919;
	Thu, 29 Apr 1999 12:23:30 +0200 (CEST)
Received: from localhost (mbendiks@localhost)
	by login-1.eunet.no (8.8.8/8.8.8) with ESMTP id MAA05056;
	Thu, 29 Apr 1999 12:23:30 +0200 (CEST)
	(envelope-from mbendiks@eunet.no)
X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs
Date: Thu, 29 Apr 1999 12:23:30 +0200 (CEST)
From: Marius Bendiksen <mbendiks@eunet.no>
To: Joe Abley <jabley@clear.co.nz>
Cc: Andrew Reilly <andrew@lake.com.au>,
	Chuck Robey <chuckr@picnic.mat.net>,
	John Birrell <jb@cimlogic.com.au>, hackers@FreeBSD.ORG
Subject: Re: Adding desktop support
In-Reply-To: <19990429112007.C81921@clear.co.nz>
Message-ID: <Pine.BSF.4.05.9904291222560.4874-100000@login-1.eunet.no>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> Why not store a PGP signature for the executable section in a separate
> metadata section? All binaries could be essentially signed by root@buildhost,
> which ought to make routine checks for validity of Important System Binaries
> easier and better.

This could be done using the idea of directory hiearchies inside files, as
suggested earlier on. Optional, of course.

- Marius -



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message