Even if initrds are (somehow) signed, the kernel command line can still be modified, like adding `init=/usr/bin/bash`. Also, if everything is signed by fedora, then the user can not modify the command line. There is a lot of hardware that needs command line modifications to boot. Also, fedora would have to revoke signatures for every vulnerable kernel, or there is no real security. If those kernels signatures are revoked, then they wont boot even when they are the currently installed kernel and should be able to boot. If there is a way for a fedora signed kernel image to load a locally signed command line, then this would work much better. > However I think the initrd should be built on fedora infra > and signed with fedora keys by default. What about when the user has a custom kernel module, would there be a way for the user to use it. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
