On Mon, 2024-07-15 at 10:10 -0400, Jeffrey Walton wrote: > On Mon, Jul 15, 2024 at 6:48 AM George N. White III > <gnwiii@xxxxxxxxx> wrote: > > > > On Sun, Jul 14, 2024 at 5:50 AM François Patte > > <francois.patte@xxxxxxxxxxxxxxxxxxxx> wrote: > > > [...] > > > I have secure boot enabled. > > > > > > Is there some how-to explaining with details how to proceed. > > > I'm not > > > very good with efi boot system nor secure boot. > > > > You should know that secure boot as implemented in most linux > > distros is > > "security theater". > > Another complaint about Trusted Execution Environments and Secure > Boot > is, they only make a statement/attestation about the system in the > past. A system with resident malware exploited after boot will still > report Ok. > > > Extra work is needed when initread and kernel are separate, > > and /boot should be encrypted: > > <https://ruderich.org/simon/notes/secure-boot-with-grub-and-signed- > > linux-and-initrd> > > > The existing Fedora secure boot configuration may offer some > > protection for those > > who also boot Windows. I'm not sure what any of this has to do with installing Nvidia drivers, but then I've never enabled Secure Boot. poc -- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
