Re: [GIT PULL] Kernel lockdown for secure boot

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Apr 3, 2018 at 4:12 PM, David Howells <dhowells@xxxxxxxxxx> wrote:
>
> What use is secure boot if processes run as root can subvert your kernel?

Stop this idiocy.

The above has now been answered multiple times, several different ways.

The "point" of secure boot may be that you had no choice, or there was
no point at all, it just came that way.

Or the "point" of secure boot may be that you don't trust anybody else
than yourself, but once you've booted you do trust what you booted.

But the *real* point is that this has nothing what-so-ever to do with
secure boot. You may want (or not want) lockdown independently of it.
Don't tie magic boot issues with kernel runtime behavior.

                    Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux