On Mon, Jun 23, 2008 at 07:06:33PM +0200, Alexander Vlasov wrote: > Currently OpenSolaris contains complete elfsign(1) infrastructure, > including tools to sign/verify and keys set; however, lots of elves > aren't in fact signed at all. Should it be considered a bug?
It's likely that only files coming from the ON and install consolidations (maybe a few others?) are signed. I think that the security folks would probably like for all ELF files to be signed, but no one's gone to the effort to work with the other consolidations to make that happen. At any rate, it's got nothing to do with pkg(5). You might take it up on security-discuss. Danek _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
