Commit | Line | Data |
---|---|---|
1aaa6ba3 NR |
1 | <!DOCTYPE html> |
2 | <html> | |
3 | <head> | |
4 | <meta http-equiv='content-type' content='text/html; charset=utf-8'> | |
5 | <meta name='viewport' content='width=device-width, initial-scale=1.0'> | |
6 | <style type='text/css'> | |
7 | body { margin: 1em 15%; } | |
8 | </style> | |
9 | </head> | |
10 | <body> | |
11 | <div class='story-header'> | |
c715ea02 | 12 | <h2><a href='0000763729.html'>[$] Protecting files with fs-verity</a></h2> |
1aaa6ba3 NR |
13 | <div class='details'>([Kernel] Aug 30, 2018 18:50 UTC (Thu) (corbet))</div> |
14 | <br/> | |
15 | <div class='content' style='text-align: justify'> | |
e818d449 | 16 | The developers of the Android system have, among their many goals, the wish to better protect Android devices against persistent compromise. It is bad if a device is taken over by an attacker; it's worse if it remains compromised even after a reboot. Numerous mechanisms for ensuring the integrity of installed system files have been proposed and implemented over the years. But it seems there is always room for one more; to fill that space, the [1]fs-verity mechanism is being proposed as a way to protect individual files from malicious modification.<br/><br/><br/><br/>[1] https://lwn.net/ml/linux-fsdevel/20180824161642.1144-1-ebiggers@kernel.org/ |
1aaa6ba3 NR |
17 | </div> |
18 | <hr/> | |
19 | </div> | |
20 | </body> |