Re: [PATCH RFC] kernel build: enable use of password-protected signing keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9.2.2014 23:38, Emily Maier wrote:
> Currently, the module signing script assumes that the private key is 
> not password-protected. This patch makes it slightly more secure by 
> allowing it to be passed in on the command line as "make 
> modules_install MOD_PASSWORD=abc". It's vulnerable to snooping during 
> the build of course, but so is an unprotected signing key.

The key's permissions can be set to 0600, while the make commandline is
visible in ps.

Michal
--
To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux&nblp;USB Development]     [Linux Media]     [Video for Linux]     [Linux Audio Users]     [Yosemite Secrets]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux