On Thu, Sep 12, 2013 at 7:12 PM, The Doctor <[email protected]> wrote: > It is worth noting that, if an unprivileged user can list the contents > of the file, an unprivileged user (an attacker) can potentially unpack > the contents of the file, tamper with them, and then repack them. I > do not know if there are any measures to detect alteration of this > file when TAILS boots, I haven't taken the time to go poking around > inside the initrd.img or initrd2.img files (used by the kernel when > TAILS boots) to see if there is anything of that sort. A cursory > examination of the contents of the syslinux/ directory does not show > anything of that sort.
Use Liberté if you want the real thing — a trusted boot chain. http://dee.su/liberte-security Current version verifies the SquashFS image in initramfs, but the next version will use dm-verity to remove that small delay. https://code.google.com/p/cryptsetup/wiki/DMVerity -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
