[DM-Verity][HELP] Unlock Verity Target during runtime

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,
I am trying to implement DM-Verity for the rootfs. However, I am not sure what the scope of DM Verity. I can see that given a root/sudo user, I can unload the verity target, write to rootfs and format and load it again, is it possible that this is normal that can be carried out using rootkits or any privileged app?
Also, how can DM-Verity ensure that the system boots to correct rootfs if rootfs was changed after an OTA?
Please help me to understand the actual scope of DM Verity

Thanks,
AP




_______________________________________________
dm-crypt mailing list -- dm-crypt@xxxxxxxx
To unsubscribe send an email to dm-crypt-leave@xxxxxxxx

[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux