From owner-freebsd-hackers Thu Apr 29 3:23:36 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from login-2.eunet.no (login-2.eunet.no [193.71.71.239]) by hub.freebsd.org (Postfix) with ESMTP id 86F8114C01 for ; Thu, 29 Apr 1999 03:23:31 -0700 (PDT) (envelope-from mbendiks@eunet.no) Received: from login-1.eunet.no (mbendiks@login-1.eunet.no [193.71.71.238]) by login-2.eunet.no (8.9.3/8.9.0/GN) with ESMTP id MAA16919; Thu, 29 Apr 1999 12:23:30 +0200 (CEST) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.8.8/8.8.8) with ESMTP id MAA05056; Thu, 29 Apr 1999 12:23:30 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 29 Apr 1999 12:23:30 +0200 (CEST) From: Marius Bendiksen To: Joe Abley Cc: Andrew Reilly , Chuck Robey , John Birrell , hackers@FreeBSD.ORG Subject: Re: Adding desktop support In-Reply-To: <19990429112007.C81921@clear.co.nz> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Why not store a PGP signature for the executable section in a separate > metadata section? All binaries could be essentially signed by root@buildhost, > which ought to make routine checks for validity of Important System Binaries > easier and better. This could be done using the idea of directory hiearchies inside files, as suggested earlier on. Optional, of course. - Marius - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message