@ddiss fsverity would also be suitable. If you go with this approach, I
recommend also including the total length of the payload in the (signed)
header, to avoid vulnerabilities where extra data somehow doesn’t get hashed.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/discussions/2057#discussioncomment-9281315
You are receiving this because you are subscribed to this thread.
Message ID:
<rpm-software-management/rpm/repo-discussions/2057/comments/9281...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint