Issue 1566055: Add testing root certs to an nssdb on the rootfs.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 1566055: Add testing root certs to an nssdb on the rootfs. (Closed)

Created:
10 years, 8 months ago by Chris Masone

Modified:
9 years, 7 months ago

Reviewers:
Will Drewry, sosa

CC:
chromium-os-reviews_chromium.org

Visibility:
Public.

Description

Add testing root certs to an nssdb on the rootfs. After discussing with drewry, we can't come up with a better way to inject these root certs. We considered putting them on the stateful partition, but that opens up an avenue of attack (if you can get a root cert into the magic directory, then you can MITM login). Thus, we put it on the rootfs instead. The script that sets up the hashes for vboot will verify that this directory is not present in production images. That work is tracked here: http://code.google.com/p/chromium-os/issues/detail?id=2693

Patch Set 1 #

Created: 10 years, 8 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+10 lines, -2 lines)			Patch
	M	src/scripts/mod_for_test_scripts/710enableAuthTesting	View		1 chunk	+10 lines, -2 lines	0 comments	Download

Messages

Total messages: 2 (0 generated)

Expand Messages | Collapse Messages

lgtm

Expand Messages | Collapse Messages