[$] Signing programs for Linux

By jake

At his 2017 Open
Source Summit North America
talk, Matthew Garrett looked at the state
of cryptographic signing and verification of programs for Linux. Allowing
policies that would restrict Linux from executing programs that are not
signed would provide a measure of security for those systems, but there is
work to be done to get there.
Garrett
started by talking about “binaries”, but programs come in other forms
(e.g. scripts) so any solution must look beyond simply binary executables.

From: LWN

Share