*countable infinities only
inode0 at gmail.com
Sat Jun 2 16:55:32 UTC 2012
On Sat, Jun 2, 2012 at 11:40 AM, Matthew Garrett <mjg59 at srcf.ucam.org> wrote:
> On Sat, Jun 02, 2012 at 12:18:17PM -0400, Orcan Ogetbil wrote:
>> Hmm, will the package maintainers have the freedom to not support
>> users who have the secureboot enabled? How are we going to detect
> Any piece of userspace can read the SecureBoot and SetupMode variables
> and check that they're 1 and 0 respectively. But refusing to run in that
> scenario would provide no extra security, so the only reason to do so
> would be to warn the user that kernel functionality the application
> depends on may not be available.
> But if you mean "I philosophically object to secure boot and want to
> prevent my packages from working on systems with it enabled" then yes,
> that's clearly a thing you could do. I don't think it's worth discussing
> whether it's something that you should do or something that would be
> treated as a bug unless someone actually wants to do it.
Doing this in my mind should not be allowed as it discriminates
against a subset of users. Whether this is legally allowed or not I
hope no one would consider doing it.
More information about the devel