Rawhide kernel image no longer readable

Kyle McMartin kyle at mcmartin.ca
Sun Nov 21 03:45:51 UTC 2010

On Sun, Nov 21, 2010 at 04:41:47AM +0100, Kevin Kofler wrote:
> Richard W.M. Jones wrote:
> > The thing is, we really need to be able to boot a kernel in qemu as
> > non-root, and carrying around a separately compiled or packaged kernel
> > is in nobody's interest.
> > 
> > I'm fairly sure this won't be the only application to break.  We found
> > it first because we are compiling and booting Rawhide in qemu
> > virtually daily (so we tend to find any kernel or qemu problems very
> > quickly -- it's the bain of my life).  But I bet others will be
> > needing to read those files.
> > 
> > Also, I do think this smacks a bit of security through obscurity ..
> > after all, the files that are being 'protected' here are being carried
> > on a hundred or more mirror sites.  It's the worst-kept secret :-)
> Uhm, indeed, making publicly available files non-readable is really useless.

If it stops even one automated attack, then it's worth while.

More information about the devel mailing list