Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Nov 13, 2017 at 1:44 PM, David Howells <dhowells@xxxxxxxxxx> wrote:
>
> Whilst that may be true, we either have to check signatures on every bit of
> firmware that the appropriate driver doesn't say is meant to be signed or not
> bother.

I vote for "not bother".

Seriously, if you have firmware in /lib/firmware, and you don't trust
it, what the hell are you doing?

Oh, it's one of those "let's protect people from themselves, so that
they can't possibly break Disney^W^W be terrorists - but but the
children" things again, isn't it?

Watch me care.

                  Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux