Re: [RFC] Second attempt at kernel secure boot support

From: Alan Cox
Date: Thu Nov 01 2012 - 12:35:58 EST

Next message: Laxman Dewangan: "[PATCH REPOST] i2c: tegra: set irq name as device name"
Previous message: Santosh Shilimkar: "Re: [RFC PATCH] ARM: OMAP4: ID: Improve features detection and check"
In reply to: Matthew Garrett: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 1 Nov 2012 16:29:01 +0000
Matthew Garrett <mjg@xxxxxxxxxx> wrote:

> On Thu, Nov 01, 2012 at 03:06:54PM +0000, Alan Cox wrote:
> > > The entire point of this feature is that it's no longer possible to turn
> > > a privileged user exploit into a full system exploit. Gaining admin
> > > access on Windows 8 doesn't permit you to install a persistent backdoor,
> >
> > Really, that would be a first. Do you have a detailed knowledge of
> > windows 8 actual security ?
>
> http://msdn.microsoft.com/en-us/library/windows/desktop/hh848061%28v=vs.85%29.aspx

No I said knowledge of not web pages. The Red Hat pages say Linux is very
secure, the Apple ones say MacOS is.

The point being you don't want to evaluate apparent security by press
release of one system versus deep internal knowledge of the other.

Alan

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Laxman Dewangan: "[PATCH REPOST] i2c: tegra: set irq name as device name"
Previous message: Santosh Shilimkar: "Re: [RFC PATCH] ARM: OMAP4: ID: Improve features detection and check"
In reply to: Matthew Garrett: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]