Re: kmods and Fedora

----- Original Message -----
> Josh Boyer wrote:
> > If you are creating a cert to sign the out-of-tree modules and expect
> > it to be accepted by the kernel, it cannot be ephemeral.  A user would
> > need some way to import it into their kernel or have it passed from
> > grub.  The only way to do so is to have it embedded in shim or the
> > kernel during the build of those binaries.  I do not foresee Fedora
> > creating yet another persistent key to sign things with, which means
> > you would need another tool that can use the existing key in the
> > kernel builders.
> 
> That just proves that Restricted Boot and especially our implementation of
> it (requiring kernel modules to be signed) is a very bad thing.

How do you expect to be able to ensure that the kernel only loads "known good"
modules if you can insert random modules that might subvert SecureBoot and
all that it allows to secure?
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx



