Harlan Lieberman-Berg writes:
> It also requires us to reenable kexec functionality, which exposes a
> risk of code injection unless we get signed kexec support.
I just checked the kernel, and it seems that signed kexec functionality
was mainlined in 3.17. So, strike that
Hello everyone!
Thanks for weighing in, PaX Team. (And thank you for the awesome you
and spender do on kernel security!)
To summarize, it seems that we have a couple different options to choose
from:
* Switch to a dedicated microkernel that does a memory wipe, and kexec
into it. This could
hi,
Dash Press:
> my ‘source’ mentions that you are working on Dash with Tails implementation
I'm sorry I don't understand what do you mean here :/
Care to rephrase or clarify?
> can you please provide me any details / updates about that ?
Certainly, once I've understood the question :)