From 2abc74e249f83ac2b55992c35c7bc9e8f13ae43f Mon Sep 17 00:00:00 2001 From: Matthew Mondor Date: Thu, 9 Jul 2015 04:15:51 +0000 Subject: [PATCH] *** empty log message *** --- netbsd/netbsd_improvements.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/netbsd/netbsd_improvements.txt b/netbsd/netbsd_improvements.txt index bf6dc2e..08d70cc 100644 --- a/netbsd/netbsd_improvements.txt +++ b/netbsd/netbsd_improvements.txt @@ -18,6 +18,9 @@ Status, defined by the first column: VeriExec not far from that, but it's still different as it does not verify signatures, it instead verifies a checksum. The signatures should be added as a new special ELF section. + Ideally, writing to protected files should optionally be forbidden; + otherwise, their cached verified-signature status should be forgotten in + order for the next use to verify the signature again. - NPF - Lack of proper diagnostics/stats -- 2.9.0