On Mon, Jul 4 2022 at 09:55:20 AM +0200, Lennart Poettering
<mzerqung@xxxxxxxxxxx> wrote:
Signing and authenticating the code is a good thing to protect
systems – it's a good thing if we can do so for the boot code too as
we boot.
Tangent:
After installing or upgrading your Fedora or RHEL system, you have to
accept a "do you trust this official Fedora project key" prompt or you
cannot install packages from the official repos. So all our users have
been trained to ignore warnings about untrusted packages because it's
mandatory to do so. If few users think twice about accepting a key as
long as it purports to be from "Fedora" or "Red Hat"... well, the whole
system is subverted. This needs a rethink.
Michael
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
