 |
Post Avzp9XDt5c1wSCCX6e by [email protected] |
 |
More posts by [email protected] |
|
Post #AvBY3wthJ5IpDfVn28 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
1️⃣7️⃣ Here's the 17th post highlighting key new features of the u… |
|
|
|
Post #AvBY3xqBnc5g94sVCi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
… which ultimately are just GPT partitioned disk images, which use a number o… |
|
|
|
Post #AvBY3yODl5JRqcngFU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Because of that we always have been somewhat reluctant to encode additional met… |
|
|
|
Post #AvBY40tURnVtcBRgGW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
The *purpose* of the file system itself is encoded in the GPT (i.e. if some fs … |
|
|
|
Post #AvBY42BbdvbBcevf8q by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Or in other words: if we discover some file system, and it looks like we shall … |
|
|
|
Post #AvBY445eZ21dWm9w8m by [email protected] |
|
0 likes, 0 repeats |
|
|
|
2. We need some code that looks at that metadata and compares it with how thing… |
|
|
|
Post #AvBY44zfCmpQKUMfRY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
The xattrs encode the intended mount location for the file system, and they may… |
|
|
|
Post #AvBY463bFdZTczDKDY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
… a locked down DDI, and boots it up, it will progress to some point: the fil… |
|
|
|
Post #AvBY46lYcCjVpJmQjY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
For more information see the https://github.com/systemd/systemd/blob/main/man/s… |
|
|
|
Post #Avz6FlOCptwwBrci8W by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@pid_eins So uhm, just one problem, what happens if I connect the drive from an… |
|
|
|
Post #Avz6FlUaSB3OVebo5A by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@agowa338 The constraints are only enforced on mounts actually relevant for the… |
|
|
|
Post #Avz6Flac5lsGoLQcTY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@pid_eins so things only break if I forget to detach the drive when rebooting?I… |
|
|
|
Post #Avz6FlgdjMh972FQrw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@agowa338 systemd's gpt auto logic only does ddi dissection on the disk the… |
|
|
|
Post #Avz6FlmfMxW1Pj4FGK by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@pid_eins Then you're already better than LVM. Well at least if the esp is … |
|
|
|
Post #Avz6FlsL1s3JhJim6S by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@agowa338 not precisely an lvm fanboy here. Sorry. Also i am pretty sure lvm ha… |
|
|
|
Post #Avz6FlwEnNAhtPXtBI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@pid_eins However it may come in handy when trying to "hack into" som… |
|
|
|
Post #Avz6Fly0gmabyuNIwa by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@pid_eins @agowa338 If you want to build a “modern, secure OS” I’d look a… |
|
|
|
Post #AvznmGtDYCeDBLsO0W by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@alwayscurious @agowa338 @QubesOS there's dm-integrity which you can either… |
|
|
|
Post #AvznmH1j2ZS9bjrBGi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@pid_eins @alwayscurious @QubesOS I'd guess that using dm-crypt with some f… |
|
|
|
Post #AvznmH8ocD7lxjAqJs by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@agowa338 @pid_eins @QubesOS Actually, using it is a security vulnerability, at… |
|
|
|
Post #AvznpD7i0gNeN03WrY by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@pid_eins @agowa338 @QubesOS dm-integrity doesn't protect against replay at… |
|
|
|
Post #Avzp9X6RXI4k56iaVE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@alwayscurious @pid_eins @QubesOS "Using it"? What "it" are… |
|
|
|
Post #Avzp9XDt5c1wSCCX6e by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@agowa338 @pid_eins @QubesOS dm-crypt with any of the currently supported authe… |
|
|
|
Post #AvzpExkRtfioAU1HVY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@alwayscurious @pid_eins @QubesOS Replay attacks are kinda out of scope for mos… |
|
|
|
Post #AvzpExrBUd6qVNAf0S by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@agowa338 @pid_eins @QubesOS Even if rolling back the entire image is out of sc… |
