Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S268064AbUJOPxT (ORCPT ); Fri, 15 Oct 2004 11:53:19 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S268089AbUJOPxT (ORCPT ); Fri, 15 Oct 2004 11:53:19 -0400 Received: from out007pub.verizon.net ([206.46.170.107]:33710 "EHLO out007.verizon.net") by vger.kernel.org with ESMTP id S268064AbUJOPxK (ORCPT ); Fri, 15 Oct 2004 11:53:10 -0400 From: Gene Heskett Reply-To: gene.heskett@verizon.net Organization: Organization: None, detectable by casual observers To: linux-kernel@vger.kernel.org Subject: Re: Fw: signed kernel modules? Date: Fri, 15 Oct 2004 11:53:08 -0400 User-Agent: KMail/1.7 Cc: Josh Boyer , root@chaos.analogic.com, Roman Zippel , David Howells , "Rusty Russell (IBM)" , David Woodhouse , Greg KH , Arjan van de Ven , Joy Latten References: <27277.1097702318@redhat.com> <1097843492.29988.6.camel@weaponx.rchland.ibm.com> In-Reply-To: <1097843492.29988.6.camel@weaponx.rchland.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200410151153.08527.gene.heskett@verizon.net> X-Authentication-Info: Submitted using SMTP AUTH at out007.verizon.net from [151.205.58.180] at Fri, 15 Oct 2004 10:53:09 -0500 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1785 Lines: 48 On Friday 15 October 2004 08:31, Josh Boyer wrote: >On Fri, 2004-10-15 at 07:10, Richard B. Johnson wrote: >> On Fri, 15 Oct 2004, Roman Zippel wrote: >> > Hi, >> > >> > On Thu, 14 Oct 2004, David Howells wrote: >> >> I've uploaded an updated module signing patch with Rusty's >> >> suggested additions: >> > >> > Can someone please put this patch into some context, where it's >> > not completely pointless? As is it does not make anything more >> > secure. Why is the kernel more trustable than a kernel module? >> > If someone could show me how I can trust the running kernel, it >> > should be rather easy to extend the same measures to modules >> > without the need for this patch. >> > >> > bye, Roman >> > - >> >> This is just the first step, which I think must be quashed >> immediately. The ultimate goal is to control what you put >> into your computer. Eventually, some central licensing >> authority will certify any modules that are allowed to >> be run in your computer. Doesn't anybody else see this? > >cd linux-2.6; >patch -R -p1 < ../ > >josh > Yes, but what happens if it gets into the tarballs from kernel.org. Stop this nonsense Linus, now. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) 99.27% setiathome rank, not too shabby for a WV hillbilly Yahoo.com attorneys please note, additions to this message by Gene Heskett are: Copyright 2004 by Maurice Eugene Heskett, all rights reserved. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/