*countable infinities only
Matthew Garrett
mjg59 at srcf.ucam.org
Sat Jun 2 16:40:22 UTC 2012
On Sat, Jun 02, 2012 at 12:18:17PM -0400, Orcan Ogetbil wrote:
> Hmm, will the package maintainers have the freedom to not support
> users who have the secureboot enabled? How are we going to detect
> this?
Any piece of userspace can read the SecureBoot and SetupMode variables
and check that they're 1 and 0 respectively. But refusing to run in that
scenario would provide no extra security, so the only reason to do so
would be to warn the user that kernel functionality the application
depends on may not be available.
But if you mean "I philosophically object to secure boot and want to
prevent my packages from working on systems with it enabled" then yes,
that's clearly a thing you could do. I don't think it's worth discussing
whether it's something that you should do or something that would be
treated as a bug unless someone actually wants to do it.
--
Matthew Garrett | mjg59 at srcf.ucam.org
More information about the devel
mailing list