On 7/8/20 10:47 AM, John M. Harris Jr wrote:
On Tuesday, July 7, 2020 3:17:16 AM MST Gerd Hoffmann wrote:
On Mon, Jul 06, 2020 at 01:26:31PM -0700, John M. Harris Jr wrote:
<Snip>
Well, if that is your concern the answer is secure boot. That will not
only prevent tampering with /boot files, but also prevent tampering with
the bootloader itself.
No, Secure Boot doesn't solve that problem. Secure Boot, in Fedora anyway,
needlessly disables a lot of kernel functionality, which makes it completely
unusable. You cannot load kernel modules you've built, hibernate your system,
etc. Additionally, Secure Boot does not prevent tampering with /boot files.
You can still change grub.cfg as you like.
<Snip>
Yet here I am, happily using it, across multiple systems...
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
