Re: [RFC] Second attempt at kernel secure boot support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Florian Weimer <fw@xxxxxxxxxxxxx>
Subject: Re: [RFC] Second attempt at kernel secure boot support
From: Matthew Garrett <mjg59@xxxxxxxxxxxxx>
Date: Tue, 06 Nov 2012 17:31:57 -0500
Cc: Chris Friesen <chris.friesen@xxxxxxxxxxx>, "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>, Pavel Machek <pavel@xxxxxx>, Eric Paris <eparis@xxxxxxxxxxxxxx>, Jiri Kosina <jkosina@xxxxxxx>, Oliver Neukum <oneukum@xxxxxxx>, Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>, Josh Boyer <jwboyer@xxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, linux-efi@xxxxxxxxxxxxxxx
In-reply-to: <87fw4mv11b.fsf@mid.deneb.enyo.de>
User-agent: K-9 Mail for Android

It protects against certain classes of compromise. It doesn't prevent rogue software damaging your system - anyone who gets root (and so could reconfigure your boot order) could just rm -rf / anyway. 
-- 
Matthew Garrett | mjg59@xxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

References:
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Matthew Garrett
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Eric W. Biederman
- Re: [RFC] Second attempt at kernel secure boot support
  - From: H. Peter Anvin
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Eric W. Biederman
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Matthew Garrett
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Eric W. Biederman
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Matthew Garrett
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Eric W. Biederman
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Matthew Garrett
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Eric W. Biederman
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Matthew Garrett
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Eric W. Biederman
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Florian Weimer
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Chris Friesen
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Florian Weimer
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Matthew Garrett
- Re: [RFC] Second attempt at kernel secure boot support
  - From: Florian Weimer

Prev by Date: Re: [RFC] Second attempt at kernel secure boot support
Next by Date: Re: [RFC] Second attempt at kernel secure boot support
Previous by thread: Re: [RFC] Second attempt at kernel secure boot support
Next by thread: Re: [RFC] Second attempt at kernel secure boot support
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]