Re: [RFC] Second attempt at kernel secure boot support

From: Matthew Garrett
Date: Thu Nov 01 2012 - 17:06:37 EST

Next message: Luck, Tony: "RE: [RFC EDAC/GHES] edac: lock module owner to avoid error reportconflicts"
Previous message: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
In reply to: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Nov 01, 2012 at 09:03:20PM +0000, James Bottomley wrote:
> On Thu, 2012-11-01 at 13:50 -0400, Eric Paris wrote:
> > What do we have to do to prevent Linux being used to attack Linux
> > which may lead to secure boot being useless.
>
> That's not really remotely related, is it? Microsoft doesn't really
> care about Linux on Linux attacks, so preventing or allowing them isn't
> going to get a distro key revoked.

Linux vendors may care about Linux on Linux attacks. It's all fun and
games until Oracle get Microsoft to revoke Red Hat's signature.

--
Matthew Garrett | mjg59@xxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Luck, Tony: "RE: [RFC EDAC/GHES] edac: lock module owner to avoid error reportconflicts"
Previous message: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
In reply to: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: James Bottomley: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]