Re: *countable infinities only


 



On Jun 25, 2012, at 12:48 PM, Gregory Maxwell wrote:
> 
> 
>> So what's the point of Secure Pre-Boot?
> 
> Making Ubuntu work on the hardware people have. Which is the
> justification given here why Fedora needed to adopt cryptographic
> signing of the kernel/drivers/etc.

That does not answer the question. Ubuntu would work on Secure Boot hardware if they recommended users disable Secure Boot. So why not recommend that, and not support Secure Boot at all? 

Again, what is the point of Secure Pre-Boot?


> And the kernel hands off control to an init/systemd which is unsigned—
> which can be rooted and exploit a vulnerable kernel to prevent
> updates.  It's like building a bridge that is _10%_ complete, and
> therefore 100% useless. :)

So you have located a vulnerability in SELinux or systemd? And you have an exploit example?

The expectation is that even Secure Boot will be broken, but will be fixed. You seem to be using the logic that because something has vulnerability potential, it should not be used. This is absurd. The way it works is we do our best, and fill the holes as needed. There is necessarily a transition from signed binaries, to containment unless the entire OS, programs, apps are going to be signed, so I don't think it's a remarkable hypothetical that there may one day be a vulnerability in systemd found. But that is not a reason to say, OK Secure Boot is totally pointless. It gets used for what it can be used for, then transition to something else.

And if you have something more than a hypothetical vulnerability today in SELinux or systemd, presumably you've filed a bug.

> Why not build the 100% bridge that actually
> provides a remotely secured platform? Because it's incompatible with
> software freedom. Central control is Microsoft's strength, not
> Fedora's.

I observe that this sequence is extremely low signal to noise, poor rationale, and high on derangement.

Chris Murphy
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel


