Gentoo Archives: gentoo-dev

From: "Michał Górny" <mgorny@g.o>
To: gentoo-dev@l.g.o
Cc: lists@×××××××××××.net
Subject: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo
Date: Sat, 16 Jun 2012 17:51:04
Message-Id: 20120616195104.192e5abd@pomiocik.lan
In Reply to: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo by Florian Philipp
On Fri, 15 Jun 2012 09:54:12 +0200
Florian Philipp <lists@×××××××××××.net> wrote:

> Am 15.06.2012 06:50, schrieb Duncan: > > Greg KH posted on Thu, 14 Jun 2012 21:28:10 -0700 as excerpted: > > > >> So, anyone been thinking about this? I have, and it's not pretty. > >> > >> Should I worry about this and how it affects Gentoo, or not worry > >> about Gentoo right now and just focus on the other issues? > >> > >> Minor details like, "do we have a 'company' that can pay Microsoft > >> to sign our bootloader?" is one aspect from the non-technical side > >> that I've been wondering about. > > > > I've been following developments and wondering a bit about this > > myself. > > > > I had concluded that at least for x86/amd64, where MS is mandating > > a user controlled disable-signed-checking option, gentoo shouldn't > > have a problem. Other than updating the handbook to accommodate > > UEFI, presumably along with the grub2 stabilization, I believe > > we're fine as if a user can't figure out how to disable that option > > on their (x86/amd64) platform, they're hardly likely to be a good > > match for gentoo in any case. > > > > As a user, I'd still like to have the chance of using Secure Boot with > Gentoo since it _really_ increases security. Even if it means I can no > longer build my own kernel.
It doesn't. It's just a very long wooden fence; you just didn't find the hole yet. -- Best regards, Michał Górny


File name MIME type
signature.asc application/pgp-signature


Subject Author
Re: [gentoo-dev] Re: UEFI secure boot and Gentoo Florian Philipp <lists@×××××××××××.net>
Re: [gentoo-dev] Re: UEFI secure boot and Gentoo Sascha Cunz <sascha-ml@×××××××××.org>