Borys Popławski
I didn't work with such big enclaves, but I would expect it to be super slow. On my testing machine (it's rather old, so maybe these numbers are much...
> Any idea how to make this harder to use insecurely? Maybe we could only allow running these apps from Protected Files (and disallow any key manipulation in the window...
> When the user gets a pre-built docker image, instead of building his own app.
> The user may want to keep MRENCLAVE to a well known value, in order...
> With the added KSS support, Gramine sets CONFIGID and CONFIGSVN (and maybe other new SGX fields) to some kind of secure hash of the loaded binary. This reflects the...
But the code handling remote attestation could just handle this - it knows when / in what app it runs
> What are we talking about? You said the purpose of this feature is to know the "currently running binary" in Gramine. My point is that this is not a...
> But how are you gonna check it? We currently use sgx_report.user_data for the hash of the public key of the ephemeral keypair generated inside of the SGX enclave (for...
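The binding mentioned above (hash of the enclave's ephemeral public key placed in the report's user data, then checked by the verifier against the key actually presented over the channel), as an added illustration that is not Gramine's code. The 64-byte size of the report data field is real SGX layout; the split into a 32-byte SHA-256 digest plus zero padding, the hypothetical function names, and the random bytes standing in for a DER-encoded public key are assumptions of this example only.

```python
"""Tie an enclave-generated ephemeral public key to an SGX report through
REPORT_DATA, and perform the verifier-side check. Added example, not Gramine's
own RA code: only the 64-byte field size comes from SGX; the hash-plus-zero-
padding layout and the constructed 'public keys' are assumptions here."""
import hashlib
import hmac
import os

REPORT_DATA_LEN = 64   # size of sgx_report_data_t in bytes
PUBKEY_HASH_LEN = 32   # SHA-256 digest length
PADDING = b"\x00" * (REPORT_DATA_LEN - PUBKEY_HASH_LEN)


def report_data_for_pubkey(pubkey: bytes) -> bytes:
    """Enclave side: build the REPORT_DATA that commits to the ephemeral public
    key. The digest fills the first 32 bytes, the remainder is zero (layout
    assumed by this example)."""
    return hashlib.sha256(pubkey).digest() + PADDING


def pubkey_matches_report(report_data: bytes, pubkey: bytes) -> bool:
    """Verifier side: after the quote/report itself has been validated
    (signature chain, MRENCLAVE/MRSIGNER policy, TCB), confirm that the key
    presented on the channel is the one the enclave committed to. Without this
    step a man-in-the-middle could replay a valid quote next to its own key."""
    if len(report_data) != REPORT_DATA_LEN:
        return False
    expected = hashlib.sha256(pubkey).digest()
    # Constant-time digest compare; also require the padding to be intact so
    # trailing garbage in a forged REPORT_DATA is not silently accepted.
    return (hmac.compare_digest(report_data[:PUBKEY_HASH_LEN], expected)
            and report_data[PUBKEY_HASH_LEN:] == PADDING)


def demo() -> dict:
    """Constructed scenario: the honest key is accepted, a substituted key and
    a truncated report-data field are rejected."""
    enclave_pubkey = os.urandom(65)   # stand-in for an uncompressed EC point
    report_data = report_data_for_pubkey(enclave_pubkey)
    attacker_pubkey = os.urandom(65)  # key a MITM would present instead
    return {
        "honest": pubkey_matches_report(report_data, enclave_pubkey),
        "substituted": pubkey_matches_report(report_data, attacker_pubkey),
        "truncated": pubkey_matches_report(report_data[:32], enclave_pubkey),
    }


if __name__ == "__main__":
    print(demo())
```

The check only says something if the report's own signature and identity policy were verified first; matching a hash against an unverified report proves nothing about where the key came from.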
> One other thing that we forgot in this discussion is that CONFIGID is also important for SGX sealing feature -- it can be thrown in the key-derivation mix. So...
12. Change name of chroot filesystem
There might be two issues: 1) we lack a way of spawning processes not inside Gramine in our test suite 2) constant spam of signals might render the app unusable...