On Thu, Jun 30, 2011 at 3:37 PM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: > > On Thu, 2011-06-30 at 14:06 -0700, Ryan Ware wrote: > > Glad to see this going in Mimi! Looking forward to enabling this in our > > MeeGo kernels. > > > > Ryan > > I wish. As far as I'm aware, EVM hasn't been upstreamed. The good news > is that the ecryptfs encrypted-key patches are now in the > security-testing tree. True. My wording should have been clearer. It's definitely good to have the ecryptfs patches in. > > > On 6/29/11 12:50 PM, "Mimi Zohar" <zohar@xxxxxxxxxxxxxxxxxx> wrote: > > > > >Discretionary Access Control(DAC) and Mandatory Access Control(MAC) can > > >protect the integrity of a running system from unauthorized changes. When > > >these protections are not running, such as when booting a malicious OS, > > >mounting the disk under a different operating system, or physically moving > > >the disk to another system, an "offline" attack is free to read and write > > >file data/metadata. > > > > > >...snip... > > > > > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
