An individual user who wants to recompile (or merely re-sign) their kernel has every ability to turn off Secure Boot in their BIOS menu. This is only about what people boot out of the box, and I can't really see the problem if all semi-popular Linux distros get an MS-signed shimloader with their private key embedded.
It's certainly morally offensive, but not hugely practically problematic -- nobody installs a custom kernel the first time they install Linux.
Posted Aug 12, 2012 6:42 UTC (Sun) by tzafrir (subscriber, #11501)
But many users build kernel modules (look for dkms packages).
Furthermore, it makes creating a custom distribution with any changes to the kernel (including modules, and also to grub's configuration, including its screen?) a whole lot more difficult. Which means you'll have fewer custom Linux distributions.
SUSE and Secure Boot: The Details (SUSE Blog)
Posted Aug 16, 2012 15:50 UTC (Thu) by jschrod (subscriber, #1646)
But many people want to install NVidia's proprietary graphics driver kernel module, since it is the only way to get full support for the respective hardware.
And I think it's wrong to assume that this module will get signatures for all Linux distribution schemes that are out there.