On Thu, Nov 01, 2012 at 03:06:54PM +0000, Alan Cox wrote: > > The entire point of this feature is that it's no longer possible to turn > > a privileged user exploit into a full system exploit. Gaining admin > > access on Windows 8 doesn't permit you to install a persistent backdoor, > > Really, that would be a first. Do you have a detailed knowledge of > windows 8 actual security ? http://msdn.microsoft.com/en-us/library/windows/desktop/hh848061%28v=vs.85%29.aspx > > unless there's some way to circumvent that. Which there is, if you can > > drop a small Linux distribution onto the ESP and use a signed, trusted > > bootloader to boot a signed, trusted kernel that then resumes from an > > unsigned, untrusted hibernate image. So we have to ensure that that's > > impossible. > > Well if you want to make Linux entirely robust Red Hat could start > helping with some of the 6000 odd coverity matches some of which will > most certainly turn out to be real flaws. Sure, bugs should be fixed. -- Matthew Garrett | mjg59@xxxxxxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
