On Tue, Dec 14, 2021 at 09:18:20PM +0000, Zbigniew Jędrzejewski-Szmek wrote:
My understanding is the following: fs-verity originated in the Android
world where you can have an unprivileged process downloading a file,
e.g. a jar. This unprivileged process manages the download, but the
file is only trusted and executed when it has a matching signature
from some central authority. The file contains the whole app,
including all resources, so there is no question of other unverified
files being used by the app. And the file can be large enough that
it's practical to do chunked verification, since checksumming the whole
file on first use would be slow.
This does seem rather reminiscent of our LiveCD squashfs situation....
--
Matthew Miller
<mattdm(a)fedoraproject.org>
Fedora Project Leader
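The "chunked verification" the quoted message refers to is what a Merkle tree over fixed-size file blocks buys you: one root digest is what the central authority's signature covers, and any single block can be checked on access by recomputing the path from that block up to the root, without reading the rest of the file. The following is an added illustration written for this page, not code from the thread, from fs-verity, or from the Fedora project. It is a deliberately simplified model: the 4096-byte block size matches fs-verity's default, but the zero-hash padding of odd levels and the plain root comparison (standing in for the signature check) are assumptions of this toy, and the real fs-verity descriptor and digest format differ.

```python
"""Toy model of fs-verity-style chunked verification (illustration only, not
fs-verity's actual on-disk layout or digest format): hash a file in fixed-size
blocks, build a Merkle tree over the block hashes, and verify any one block
against a trusted root digest without touching the other blocks."""
import hashlib

BLOCK_SIZE = 4096        # fs-verity's default data block size, reused for this model
ZERO = bytes(32)         # assumption of this toy: odd levels are padded with a zero hash


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split_blocks(data: bytes) -> list[bytes]:
    """Split file content into BLOCK_SIZE chunks; the final chunk may be short."""
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)] or [b""]


def build_tree(data: bytes) -> list[list[bytes]]:
    """Return the Merkle levels: levels[0] holds per-block hashes, levels[-1] is [root].

    This is the one-time cost paid when the file is installed or first enabled;
    the root digest is what a central authority's signature would cover."""
    levels = [[sha256(block) for block in split_blocks(data)]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [ZERO]
        levels.append([sha256(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def root_digest(data: bytes) -> bytes:
    return build_tree(data)[-1][0]


def auth_path(levels: list[list[bytes]], index: int) -> list[bytes]:
    """Sibling hashes from the leaf for block `index` up to (not including) the root."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        path.append(level[sibling] if sibling < len(level) else ZERO)
        index >>= 1
    return path


def verify_block(block: bytes, index: int, path: list[bytes], trusted_root: bytes) -> bool:
    """Recompute the root from a single block plus its authentication path.

    Only this block and log2(blocks) sibling hashes are read, which is why
    verification can happen lazily per page fault instead of on first open."""
    h = sha256(block)
    for sibling in path:
        h = sha256(sibling + h) if index & 1 else sha256(h + sibling)
        index >>= 1
    return h == trusted_root


def demo() -> dict:
    """Constructed sample: a three-block file, then one byte flipped in block 1.

    Returns which blocks still verify against the original trusted root."""
    data = b"A" * BLOCK_SIZE + b"B" * BLOCK_SIZE + b"C" * 100   # constructed input
    levels = build_tree(data)
    root = levels[-1][0]
    blocks = split_blocks(data)
    tampered = blocks[1][:10] + b"X" + blocks[1][11:]           # corrupt one byte
    return {
        "block0_ok": verify_block(blocks[0], 0, auth_path(levels, 0), root),
        "block1_tampered_ok": verify_block(tampered, 1, auth_path(levels, 1), root),
        "block2_ok": verify_block(blocks[2], 2, auth_path(levels, 2), root),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'verified' if ok else 'REJECTED'}")
```

The point worth noticing is in `demo()`: after the single-byte corruption, blocks 0 and 2 still verify and only block 1 is rejected, and each check cost one block hash plus two sibling hashes rather than a pass over the whole file. That is the property that makes the approach practical for the large images the message compares it to.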