On Do, 07.04.22 10:53, Fedora Development ML (devel@xxxxxxxxxxxxxxxxxxxxxxx) wrote: > On 4/7/22 10:28 AM, Lennart Poettering wrote: > > On Di, 05.04.22 17:38, Chris Murphy (lists@xxxxxxxxxxxxxxxxx) wrote: > > > > > When users have a suboptimal experience by default, it makes Fedora > > > look bad. We can't have security concerns overriding all other > > > concerns. But it's really pernicious to simultaneously say security is > > > important, but we're also not going to sign proprietary drivers. This > > > highly incentivizes the user to disable Secure Boot because that's so > > > much easier than users signing kernel modules and enrolling keys with > > > the firmware, and therefore makes the user *less safe*. > > > > Let me stress one thing though: Fedora *has* *no* working SecureBoot > > implementation. The initrd is not authenticated. It has no signatures, > > nothing. > > > Couldn't the other Fedora change about adding file signatures to the RPM > installed files be used to close this hole?. Enabling some policy at boot > that disallows execution on code not signed that is inside the initrd. I > think all code copied to the initrd must come from Fedora packages, maybe > the only exception are third party kernel modules. You need to sign the whole thing, and figure out what to do about configuration so that you can still configure the thing but also authenticate it so that you know it is in order. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
