On Fri, 2010-01-22 at 17:08 +0100, Martin Langhoff wrote:
> On Fri, Jan 22, 2010 at 5:04 PM, Tomas Mraz <[email protected]> wrote:
> > No, it does not prevent malicious attacker from subverting the
> > executable. The integrity check prevents just inadvertent modification
> > of the executables/libraries which contain the certified code.
>
> Like prelink? ;-)
Yes, for example. That's why prelink must be disabled when the machine
is running in the FIPS compliant mode.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/devel
