My response wasn't about the kernel issue, I was referring to your assertion that there is "no way for the OS to prove that the PAM stack hasn't been replaced".
But there is, since the OS can execute processes in parallel with the PAM stack (e.g. init, sulogin) which can independently observe it.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: assumption of innocence
Date: 2012-06-21 02:03 pm (UTC)But there is, since the OS can execute processes in parallel with the PAM stack (e.g. init, sulogin) which can independently observe it.