[Linux-ima-user] RFC: An Overview of the Linux Integrity Subsystem

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Following the EVM talk at this year's Linux Security Summit held in
conjunction with LinuxCon, a discussion ensued questioning some of the
integrity design decisions as implemented in the EVM/IMA-appraisal patch
set.  A whitepaper "An Overview of the Linux Integrity Subsystem"
attempts to address these concerns.
(http://downloads.sf.net/project/linux-ima/linux-ima/Integrity_overview.pdf)

For anyone interested in the proposed integrity subsystem,
linux-ima.sourceforge.net has been updated with new, hopefully,
simplified installation directions, patches to use the new
Trusted/Encrypted keys, which is now in the security-testing/#next tree,
a few bug fixes, and a sample dracut patch to enable EVM in the
initramfs.  (The patches are against the 2.6.36 stable tree.)

thanks,

Mimi Zohar
David Safford