On Wed, Dec 19, 2012 at 10:02 PM, "Tóth Attila" <[email protected]> wrote: > Integrity Measurement Architecture sounds interesting.
Last time I have looked into deploying IMA in Liberté Linux, it seemed like a world of pain with outdated kernel patches and a requirement for SELinux if you didn't want to guess the exact form in which file hashes would propagate into IMA backend. You can also forget about it working with anything non-standard like Unionfs. Use Busybox in initramfs? Its mount doesn't support -o iversion. Etc. etc. https://github.com/mkdesu/liberte/commit/73f7bf3 -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
