*countable infinities only

Matthew Garrett mjg59 at srcf.ucam.org
Sat Jun 2 16:40:22 UTC 2012

On Sat, Jun 02, 2012 at 12:18:17PM -0400, Orcan Ogetbil wrote:

> Hmm, will the package maintainers have the freedom to not support
> users who have the secureboot enabled? How are we going to detect
> this?

Any piece of userspace can read the SecureBoot and SetupMode variables 
and check that they're 1 and 0 respectively. But refusing to run in that 
scenario would provide no extra security, so the only reason to do so 
would be to warn the user that kernel functionality the application 
depends on may not be available.

But if you mean "I philosophically object to secure boot and want to 
prevent my packages from working on systems with it enabled" then yes, 
that's clearly a thing you could do. I don't think it's worth discussing 
whether it's something that you should do or something that would be 
treated as a bug unless someone actually wants to do it.

Matthew Garrett | mjg59 at srcf.ucam.org

More information about the devel mailing list