On 2012/09/20 04:45, Matthew Miller wrote:
On Thu, Sep 20, 2012 at 04:29:47AM -0700, jdow wrote:
That is why I like my unique to the machine key that is supplied to the
user along with the board serial number. So he can make changes. But the
changes for his system cannot affect other systems. That would make
custom signed Linux kernels possible for a person testing kernel builds
or compiling in obscure filesystems, such as I do from time to time.
You will be able to do this -- at least, on x86. Some lobbying on the ARM
front is needed.
It won't be a key that's supplied to the user, though. The user will be able
to add their own.
As long as the key is unique to one single machine the idea is sound
except for the "user too stupid to live" cases.
{^_^}
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org