On 05/31/2012 01:03 PM, Matthew Garrett wrote: > On Thu, May 31, 2012 at 12:53:30PM -0400, Gerry Reno wrote: >> On 05/31/2012 12:51 PM, Matthew Garrett wrote: >>> On Thu, May 31, 2012 at 12:49:53PM -0400, Gerry Reno wrote: >>>> The issue could be solved by having the SecureBoot default setting depend on the OS being booted: >>>> >>>> SecureBoot should only be Default:ON for Microsoft OS's and any other OS's that want to deal with that >>>> >>>> and should be Default:OFF for all others. >>> How do you distinguish between a non-Microsoft OS and a piece of malware >>> that will then boot a Microsoft OS? >>> >> The Microsoft OS should refuse to boot if it is being invoked in an unauthorized manner. > How does the Microsoft OS know that it's being invoked in an > unauthorised manner? > Could be any of a thousand ways to implement this. Maybe it checks the BIOS to determine whether some SecureBoot flag is set. . -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
