Gentoo Archives: gentoo-dev

From: Florian Philipp <lists@×××××××××××.net>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo
Date: Sun, 17 Jun 2012 09:21:35
In Reply to: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo by "Michał Górny"
Am 16.06.2012 19:51, schrieb Michał Górny:
> On Fri, 15 Jun 2012 09:54:12 +0200 > Florian Philipp <lists@×××××××××××.net> wrote: > >> Am 15.06.2012 06:50, schrieb Duncan: >>> Greg KH posted on Thu, 14 Jun 2012 21:28:10 -0700 as excerpted: >>> >>>> So, anyone been thinking about this? I have, and it's not pretty. >>>> >>>> Should I worry about this and how it affects Gentoo, or not worry >>>> about Gentoo right now and just focus on the other issues? >>>> >>>> Minor details like, "do we have a 'company' that can pay Microsoft >>>> to sign our bootloader?" is one aspect from the non-technical side >>>> that I've been wondering about. >>> >>> I've been following developments and wondering a bit about this >>> myself. >>> >>> I had concluded that at least for x86/amd64, where MS is mandating >>> a user controlled disable-signed-checking option, gentoo shouldn't >>> have a problem. Other than updating the handbook to accommodate >>> UEFI, presumably along with the grub2 stabilization, I believe >>> we're fine as if a user can't figure out how to disable that option >>> on their (x86/amd64) platform, they're hardly likely to be a good >>> match for gentoo in any case. >>> >> >> As a user, I'd still like to have the chance of using Secure Boot with >> Gentoo since it _really_ increases security. Even if it means I can no >> longer build my own kernel. > > It doesn't. It's just a very long wooden fence; you just didn't find > the hole yet. >
Oh come on! That's FUD and you know it. If not, did you even look at the specs and working principle? Regards, Florian Philipp


File name MIME type
signature.asc application/pgp-signature


Subject Author
Re: [gentoo-dev] Re: UEFI secure boot and Gentoo "Michał Górny" <mgorny@g.o>