From: Friedrich L. <fl...@fl...> - 2004-02-08 20:15:09
|
Heiko Zuerker wrote on 08.02.2004 20:46 MET: > Friedrich Lobenstock wrote: > >> Bruce Smith wrote on 08.02.2004 17:50 MET: >> >>>> The update must be signed (pgp) and performed from within initrd, >>>> that's the easy part. >>>> >>>> My original idea was to add the iso image as boot.cd.new to the root >>>> of the media and then just check for it's existence, verify it, >>>> rename it to bootcd.iso and continue. >>> >>> >>> >>> >>> So, the USB stick has to be large enough to hold TWO copies of the ISO? >> >> >> >> Hmmm...yes we can not overwrite the current ISO as it is currently >> mounted. What if we go back to load everything into memory? Then >> we could just replace the ISO on the memory stick (incl. its >> signature file) in place. What is cheaper? RAM or USB-Memory sticks? > > > That would require hundreds of MBs. I would say if somebody wants to use > this feature, he has to provide the necessary space on this stick or > whereever it is on. > >> BTW how do we handle the ISOs created with custom-cd? > > > Since the User will replace the ISO himself, he can do it with whatever > version he prefers. I mean how do you check the signature if the user did run custom-cd? How do we support security against tempering that way? -- MfG / Regards Friedrich Lobenstock ____________________________________________________________________ Friedrich Lobenstock Linux Services Lobenstock URL: http://www.lsl.at/ Email: fl...@fl... ____________________________________________________________________ |