Re: veriexec: read from stdin

To: Sevan Janiyan <venture37%geeklan.co.uk@localhost>
Subject: Re: veriexec: read from stdin
From: Alexander Nasonov <alnsn%yandex.ru@localhost>
Date: Sun, 28 Apr 2019 11:19:49 +0100

Sevan Janiyan wrote:
> 
> 
> On 27/04/2019 23:24, Alexander Nasonov wrote:
> > I wrote a patch that adds the -i option to read from stdin but I
> > don't want to rush things before I hear opinions.
> 
> No objection to the functionality, but I'm working on a patch from
> bin/34773 which adds newer flags to veriexecgen where -i and -I are used
> for handling interpreters.
> See http://mail-index.netbsd.org/tech-userlevel/2006/10/09/0002.html for
> a description.

Ok, -f then.

> sure but now we need tamper resistance for the tamper resistance
> mechanism's database (signed builds?) ;)

Yes, we need signed builds ;-)

Entries in set.xxx already have sha256 checksums and they can be easily
converted to veriexec fingerprints with a simple awk+sed or lua script.

-- 
Alex

References:
- veriexec: read from stdin
  - From: Alexander Nasonov
- Re: veriexec: read from stdin
  - From: Sevan Janiyan

Prev by Date: Re: veriexec: read from stdin
Next by Date: NetBSD Security Advisory 2019-002: Unprivileged kernel memory overwrite in mq_send(3)
Previous by Thread: Re: veriexec: read from stdin
Next by Thread: NetBSD Security Advisory 2019-002: Unprivileged kernel memory overwrite in mq_send(3)
Indexes:

Home | Main Index | Thread Index | Old Index