LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

UEFI secure boot kernel restrictions

UEFI secure boot kernel restrictions

Posted Nov 10, 2012 1:34 UTC (Sat) by hummassa (subscriber, #307)
In reply to: UEFI secure boot kernel restrictions by mathstuf
Parent article: UEFI secure boot kernel restrictions

> - it does so much that *something* it calls is ~100% likely to have *some* vulnerability; or

that's the one :-D

(Log in to post comments)

UEFI secure boot kernel restrictions

Posted Nov 10, 2012 2:04 UTC (Sat) by raven667 (subscriber, #5198) [Link]

Well you have to presume the kernel has some vulnerabilities but you can control what code calls into the kernel, at least for very early boot when the system is still being set up. Anything that has a fixed function can get signatures and be solidified, the problems come in when you have to run arbitrary code which is outside the users ability to audit.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds