Re: Schedule concern next week: holidays ahead!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2017-06-29 at 10:19 -0400, Peter Jones wrote:
> On Wed, Jun 28, 2017 at 06:53:58PM -0700, Adam Williamson wrote:
> > There are five proposed blockers. My professional guesstimate *at this
> > point* is that at least four of them will probably be rejected, though
> > that could change with more data (attention pjones: if #1418360 and
> > #1451071 are more serious than they seem to us so far, please do let us
> > know).
> 
> They absolutely are: basically Secure Boot doesn't trigger kmod
> signature checking, read-only /dev/mem, etc., in the current trees.
> This update fixes a grub bug that's triggering that behavior in the
> newer kernels, but was not triggering it in the older ones.
> 
> So yes, I very much think these should be blockers.

Ah, from the description I thought it was purely an informational thing
(just the user couldn't tell whether SB was enabled, but if it was in
fact enabled, it was working properly). So basically the appropriate
protections aren't put in place when SB is active, making it quite easy
to subvert SB?
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux