Signing kernel modules

Since some time ago, the Linux kernel has had support for cryptographically signed modules, i.e. the kernel can be configured to only load properly signed modules.

https://www.kernel.org/doc/Documentation/module-signing.txt


I wouldn't go to lengths explaining the benefits of it, I was just wondering if Arch has the infrastructure to sign the modules - since developers already sign the kernel package itself [*], and in that sense we (the users) already trust them to that level.

I'm not suggesting that CONFIG_MODULE_SIG_FORCE is enabled by default
- that would break 3rd party modules, but people could optionally use
the "enforcemodulesig=1" kernel command line option if they want to.


Thoughts?


[*] though packages are GPG signed, and modules use X.509




-- 
damjan
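
An added example, not part of the original post: a signed module carries its signature appended to the end of the `.ko` file, so an auditor can tell signed from unsigned module files by parsing that trailer. The sketch below only inspects the trailer layout (it does not verify the signature), and the sample bytes are constructed for illustration.

```python
import struct
from typing import Optional

# Layout at the end of a signed module file:
#   [module image][signer name][key id][signature][struct module_signature][magic]
MAGIC = b"~Module signature appended~\n"
# struct module_signature: algo, hash, id_type, signer_len, key_id_len,
# 3 pad bytes, then a big-endian 32-bit signature length (12 bytes total).
TRAILER = struct.Struct(">BBBBB3xI")
ID_TYPES = {0: "PGP", 1: "X509", 2: "PKCS#7"}  # enum pkey_id_type


def parse_module_signature(blob: bytes) -> Optional[dict]:
    """Describe the appended signature of a module image, or None if unsigned.

    Structural check only: the signature itself is NOT verified here.
    """
    if not blob.endswith(MAGIC):
        return None  # no marker: the kernel would treat this module as unsigned
    end = len(blob) - len(MAGIC)
    if end < TRAILER.size:
        raise ValueError("truncated signature trailer")
    _algo, _hash, id_type, signer_len, key_id_len, sig_len = TRAILER.unpack(
        blob[end - TRAILER.size:end])
    module_len = end - TRAILER.size - signer_len - key_id_len - sig_len
    if sig_len == 0 or module_len < 0:
        raise ValueError("signature length inconsistent with file size")
    return {
        "id_type": ID_TYPES.get(id_type, f"unknown({id_type})"),
        "sig_len": sig_len,
        "module_len": module_len,  # bytes of actual module image
    }


# Constructed samples: a fake 64-byte "module" and the same bytes followed by
# 4 dummy signature bytes, a PKCS#7-type trailer and the magic marker.
SAMPLE_UNSIGNED = b"\x7fELF" + b"\x00" * 60
SAMPLE_SIGNED = (SAMPLE_UNSIGNED + b"\xde\xad\xbe\xef"
                 + TRAILER.pack(0, 0, 2, 0, 0, 4) + MAGIC)

if __name__ == "__main__":
    print(parse_module_signature(SAMPLE_UNSIGNED))
    print(parse_module_signature(SAMPLE_SIGNED))
```
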

