Compiling trusted code in a trusted >environment >and then signing it and using secure boot to validate the signed binary >and running it does make sense, but compiling multiple times does not.
I dislike the term secure and prefer trust myself however the demands of enterprise are different than my own. The number of compiles is related to the number of boots again IMHO, this is far less of a problem than you would make it out to be. > >> I don't just pull this stuff out from under my hat you know, I do a >lot of reading. Its just that I'm limited to the stuff that's not above >my pay grade or not otherwise trade secrets. > >Well it sure seems like you do a lot of the time. Well that is your opinion and you are entitled to it. My opinion is that there is a need and a call for development of a trusted compiler to be used in a security enhanced OS which compiles at runtime and is based on the modular nature of the hardware itself and the needs of the enterprise in question. -- Sent via K-9 Mail. --- Talk Mailing List [email protected] http://gtalug.org/mailman/listinfo/talk
