Date: Thu, 29 Apr 1999 11:20:07 +1200 From: Joe Abley <jabley@clear.co.nz> To: Andrew Reilly <andrew@lake.com.au> Cc: Chuck Robey <chuckr@picnic.mat.net>, John Birrell <jb@cimlogic.com.au>, hackers@FreeBSD.ORG, jabley@clear.co.nz Subject: Re: Adding desktop support Message-ID: <19990429112007.C81921@clear.co.nz> In-Reply-To: <19990428233131.A30171@gurney.reilly.home>; from Andrew Reilly on Wed, Apr 28, 1999 at 11:31:31PM %2B1000 References: <199904280647.QAA26783@cimlogic.com.au> <Pine.BSF.4.10.9904280908530.378-100000@picnic.mat.net> <19990428233131.A30171@gurney.reilly.home>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 28, 1999 at 11:31:31PM +1000, Andrew Reilly wrote: > I really, really, don't like the idea of mutable state in an > application (executable). There are reasons that I log in as > me, and use executables owned by root, that I can't modify. This reminds me of another idea that sprang to mind as I wound through traffic to work this morning. Why not store a PGP signature for the executable section in a separate metadata section? All binaries could be essentially signed by root@buildhost, which ought to make routine checks for validity of Important System Binaries easier and better. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990429112007.C81921>