Read Time:22 Second
Posted by jvoisin via Fulldisclosure on Jun 21
I’m unsure I understand the threat model here: an attacker with root
privileges is able to modify the kernel data about to be relinked?
You’re also mentioning SLSA, but as you also said, OpenBSD doesn’t have
reproducible builds and all the cool build hardening things(tm). So
having a cryptographic path to the resulting relinked kernel won’t
really improve anything, given the current state of affairs.