On Fr, 06.12.19 18:58, Lata Lante (latala...@cock.li) wrote: > > If you use LUKS/dm-crypt without dm-integrity and you have a clue > > where things are located then you can change files without anything > > being able to detect that. (On btrfs you might have some luck, since > > it has data checksumming, but ext4 and other traditional file systems > > do not). > Of course Ext4 can. > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f60c55a94e1d127186566f06294f2dadd966e9b4
Uh? fs-verity is read-only integrity protection, i.e. akin to dm-verity, not akin to dm-integrity. Also fs-verity applies to individual files only, it thus only has very specific usecases. You cannot sensibly do fs-verity across the whole OS tree, you'd spent agres to set it up at boot... Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
