SUSE and Secure Boot: The Details (SUSE Blog)
Posted Aug 14, 2012 17:11 UTC (Tue) by khim
In reply to: SUSE and Secure Boot: The Details (SUSE Blog)
Parent article: SUSE and Secure Boot: The Details (SUSE Blog)
It would probably work just like how you would protect the ability to add keys to Secure Boot today, i.e password protected access to the functionality by your admins. I.e, if you can add keys to Secure Boot then you also press Y to add the current boot loader to the acceptable list, there is no difference in security between the two.
Actually there is a difference and it's pretty large one: there are no way to remotely push update in the scheme with password-protected boot loader whitelist. Which makes it, frankly, pretty useless for the absentee owner who does not have physical access to my laptop or phone.
to post comments)