Re: Whitelisting only digitally signed binaries

> Has any work taken place in the Linux community toward building a
> "trusted loader" into Linux?  If so, what is the status? If not, why
> not?

You probably want to discuss this on the SELinux lists.

> the update is tied into yum. I realize that an infrastructure would have
> to exist for developers to sign their apps, and store their public
> certificates/keys, but this doesn't seem too far out of reach, after

rpm uses signatures to check packages are authentic and this can be
combined with SELinux labelling and rules to only permit executables
created by rpm to be run.

You still have the scripting problem of course.

Alan
