Quoting Mimi Zohar (zohar@xxxxxxxxxxxxxxxxxx): > On Tue, 2018-02-27 at 16:35 -0600, Serge E. Hallyn wrote: > > Quoting Mimi Zohar (zohar@xxxxxxxxxxxxxxxxxx): > > > This patch addresses the fuse privileged mounted filesystems in > > > environments which are unwilling to accept the risk of trusting the > > > signature verification and want to always fail safe, but are for > > > example using a pre-built kernel. > > > > > > This patch defines a new builtin policy "unverifiable_sigs", which can > > > > How about recalc_unverifiable_sigs? > > Cute, I really like that name, but in this case we're failing the > signature verification. > > > It's long, but unverifiable_sigs > > is not clear about whether the intent is to accept or recalculate them. > > > > (or fail_unverifiable_sigs like the flag) > > Could we abbreviate it to "fail_usigs"? Or perhaps allow both > "fail_unverifiable_sigs" and "fail_usigs". That sounds good. Or fail_unverified? But so long as 'fail' is somehow clearly implied by the name.
