On Thu, May 31, 2012 at 1:07 PM, Gerry Reno <greno@xxxxxxxxxxx> wrote: > Could be any of a thousand ways to implement this. > Maybe it checks the BIOS to determine whether some SecureBoot flag is set. While it pains me to argue with someone on my side— you're incorrect. The compromised system would just intercept and emulate or patch out that test. I think I gave a reasonable outline as to why this is pointless— that the unsigned userspace will just keep reexploiting the kernel after boot and before updates be installed. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
