From: Greg KH <greg@xxxxxxxxx> Date: Thu, 25 Jun 2020 14:07:25 +0200 > I really don't understand the objection here, why is this any different > than any other random kernel driver for what it can do? It's kernel code executing in userspace. If you don't trust the signed code you don't trust the signed code. Nothing is magic about a piece of code executing in userspace. I seriously think this dicussion is trying to create an issue that simply doesn't exist in reality. If some kernel module executed "/bin/sh" it's the same problem. There is no way to argue around this, so please stop doing so it's silly.
