On Mon, Oct 17, 2005 at 03:08:44PM -0400, David Safford wrote: > SLIM provides a simple integrity mandatory access control, similar > to LOMAC, but using EVM information to aid decisions, and to ensure > the integrity of guard processes. The former IMA (Integrity Measurement > Architecture) is included as a configurable part of SLIM. While IMA is > not an access control component, if integrity attestation is desired, it > is most efficiently implemented here, as EVM has already measured all > files, and SLIM knows which ones are integrity sensitive, and which > should therefore be added to the TPM registers. A better description of what exactly you mean here (like what's LOMAC?) would be very nice to try to examine your code to see if it matches up with your documentation (as you have no documentation now, it's pretty hard to see the big picture.) And you do know that Linux has "EVMS" already, which this is bound to get confused with... thanks, greg k-h
This archive was generated by hypermail 2.1.3 : Mon Oct 17 2005 - 23:34:25 PDT