User: Password:
|
|
Subscribe / Log in / New account

Why not just chainload grub?

Why not just chainload grub?

Posted Jun 28, 2012 10:38 UTC (Thu) by jschrod (subscriber, #1646)
In reply to: Why not just chainload grub? by raven667
Parent article: Details on Ubuntu's UEFI secure boot plan

> > GPLv3 source request with *any keys*

> I don't believe this is true.

According to this week's Security page feature article, the FSF says that it's probably true. Thus, I can understand that Canonical is careful.


(Log in to post comments)

Why not just chainload grub?

Posted Jun 29, 2012 7:02 UTC (Fri) by raven667 (subscriber, #5198) [Link]

That is a horrible FAQ entry and could really use some further elaboration. The way the FAQ explains it undercuts the GPLv3 and inadvertently provides FUD for detractors to throw around.

http://www.gnu.org/licenses/gpl-faq.html#GiveUpKeys

Their secure boot specific FAQ doesn't say anything like that and specifically references Matt Garrett's documents on the matter. Fedora obviously doesn't think there is anything wrong with signing a GPLv3 GRUB2 and the FSF links to it as their explanation.

http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/

There is another thread along the same lines here https://lwn.net/Articles/504015/. A vendor shipping a signed, boot locked, GPLv3 GRUB2 would be a pirate, distributing without a valid copyright license. There are many way ways to resolve that, recalling/refund/RMA of hardware, a firmware update, etc where disclosing the private signing keys is the least likely method to achieve compliance, although it is a valid one.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds