On Sat, Jun 2, 2012 at 11:40 AM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: > On Sat, Jun 02, 2012 at 12:18:17PM -0400, Orcan Ogetbil wrote: > >> Hmm, will the package maintainers have the freedom to not support >> users who have the secureboot enabled? How are we going to detect >> this? > > Any piece of userspace can read the SecureBoot and SetupMode variables > and check that they're 1 and 0 respectively. But refusing to run in that > scenario would provide no extra security, so the only reason to do so > would be to warn the user that kernel functionality the application > depends on may not be available. > > But if you mean "I philosophically object to secure boot and want to > prevent my packages from working on systems with it enabled" then yes, > that's clearly a thing you could do. I don't think it's worth discussing > whether it's something that you should do or something that would be > treated as a bug unless someone actually wants to do it. Doing this in my mind should not be allowed as it discriminates against a subset of users. Whether this is legally allowed or not I hope no one would consider doing it. John -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
