Re: F36 Change: DIGLIM (System-Wide Change proposal)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Nico Kadel-Garcia wrote:

> On Sun, Dec 26, 2021 at 1:10 AM Dan Čermák
> <dan.cermak@xxxxxxxxxxxxxxxxxxx> wrote:
>>
>> Ben Cotton <bcotton@xxxxxxxxxx> writes:
>>
>> *snip*
>>
>> > == Upgrade/compatibility impact ==
>> > The user should ensure that software (not updated) from the old
>> > distribution is packaged and the package header is signed, or he
>> > should create and sign a custom digest list for the software he wishes
>> > to use after the upgrade.
>>
>> Uhm, so locally/manually installed software (i.e. not signed by Fedora's
>> signkeys) will silently break when switching to F36? How about 3rd party
>> repositories?
> 
> It wouldn't be the first time software has been deliberately broken by
> well-intended kernel security changes. Remember when systemd decided
> to cancel all backgrounded processes belong to a user when they logged
> out, breaking "screen" and "tux", with no record of killing the jobs
> whatsover? Fortunately, people screamed pretty hard about that one.

But being allowed to run custom or self-developed software is a core feature 
of Free Software. If that stops working in the name of "security", Fedora is 
no better than iOS (where Apple also claims the restrictions are for 
"security" purposes), and becomes entirely useless for me.

And the whole concept of "remote attestation" is inherently a Treacherous 
Computing (so-called "Trusted Computing") (mis)feature and as such entirely 
unacceptable to begin with.

This Change is absolutely unacceptable. If implemented as proposed (enabled 
by default), I will be forced to leave for another distribution (as a user, 
which however also implies that I will have to orphan all my packages).

        Kevin Kofler
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux