Re: PEM and PCAs

Thus the software environment itself can be made relatively

unspoofable.

If this is the case, then the same environment can protect the database.
Why can't the OS maintain hashes of the database as well?

I guess it is possible to have only the executables on read only media
as you suggested but this in and of itself is not sufficient.  You
must insure that only that version of the executable is run and it
is not the case that someone placed a link to a bogus copy or something.

I guess I just don't happen to know of any such environment.

The NFS example of Derek's says very little for in that environment,
the same attach against the database can be used against the executable.

 -Ray

<Prev in Thread]	Current Thread	[Next in Thread>
Re: PEM and PCAs, (continued) Re: PEM and PCAs, James M Galvin Re: PEM and PCAs, Derek Atkins Re: PEM and PCAs, Theodore Ts'o Re: PEM and PCAs, Theodore Ts'o Re: PEM and PCAs, James M Galvin Re: PEM and PCAs, jueneman%wotan Re: PEM and PCAs, Ashar Aziz Re: PEM and PCAs, Raymond Lau Re: PEM and PCAs, Derek Atkins Re: PEM and PCAs, Ashar Aziz Re: PEM and PCAs, Raymond Lau <= Re: PEM and PCAs, Theodore Ts'o

Previous by Date:	Re: PEM and PCAs, Derek Atkins
Next by Date:	Re: PEM and PCAs, Theodore Ts'o
Previous by Thread:	Re: PEM and PCAs, Ashar Aziz
Next by Thread:	Re: PEM and PCAs, Theodore Ts'o
Indexes:	[Date] [Thread] [Top] [All Lists]