| 1 | <!DOCTYPE html> |
| 2 | <html> |
| 3 | <head> |
| 4 | <meta http-equiv='content-type' content='text/html; charset=utf-8'> |
| 5 | <meta name='viewport' content='width=device-width, initial-scale=1.0'> |
| 6 | <style type='text/css'> |
| 7 | body { margin: 1em 15%; } |
| 8 | </style> |
| 9 | </head> |
| 10 | <body> |
| 11 | <div class='story-header'> |
| 12 | <h2><a href='0000763729.html'>[$] Protecting files with fs-verity</a></h2> |
| 13 | <div class='details'>([Kernel] Aug 30, 2018 18:50 UTC (Thu) (corbet))</div> |
| 14 | <br/> |
| 15 | <div class='content' style='text-align: justify'> |
| 16 | The developers of the Android system have, among their many goals, the wish to better protect Android devices against persistent compromise. It is bad if a device is taken over by an attacker; it's worse if it remains compromised even after a reboot. Numerous mechanisms for ensuring the integrity of installed system files have been proposed and implemented over the years. But it seems there is always room for one more; to fill that space, the [1]fs-verity mechanism is being proposed as a way to protect individual files from malicious modification.<br/><br/><br/><br/>[1] https://lwn.net/ml/linux-fsdevel/20180824161642.1144-1-ebiggers@kernel.org/ |
| 17 | </div> |
| 18 | <hr/> |
| 19 | </div> |
| 20 | </body> |