LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

The Linux Foundation's UEFI secure boot system

The Linux Foundation's UEFI secure boot system

Posted Oct 11, 2012 15:14 UTC (Thu) by rgmoore (✭ supporter ✭, #75)
In reply to: The Linux Foundation's UEFI secure boot system by ebiederm
Parent article: The Linux Foundation's UEFI secure boot system

Is there a way to change the EFI keys programatically?
There shouldn't be a way of doing this programatically, since it undermines the whole point of the secure boot system. The goal of the system is to make sure that you can't run unsigned code without user intervention. If you could bypass the secure boot without user intervention, then malicious code could do exactly the same thing and the system would be worthless for preventing boot sector malware. The goal of all these open source approaches to secure boot is to let open source take advantage of the real benefits of the system.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds