Hm, makes sense. I suppose I was imagining that if the parent is already at the point where it’s doing the assembly, then we already know from earlier that the parent is correct, and the verification issue now only applies to the child machine.
However, I hadn’t considered the possibility that the parent’s data could get mutated after the parent’s assembly, but that would certainly be possible, and create a single point of vulnerability at a simple integrity check’s implementation.