On Sun, May 12, 2019 at 03:18:16AM -0700, h...@zytor.com wrote:
> > Couldn't this parsing of the .xattr-list file and the setting of the xattrs
> > be done equivalently by the initramfs' /init? Why is kernel involvement
> > actually required here?
>
> There are a lot of things that could/should be done that way...
Indeed... so why not try to avoid adding more such "things", and keeping
them in userspace (or in a fork_usermode_blob)?
On Sun, May 12, 2019 at 08:52:47AM -0400, Mimi Zohar wrote:
> It's too late. The /init itself should be signed and verified.
Could you elaborate a bit more about the threat model, and why deferring
this to the initramfs is too late?
Thanks,
Dominik
