UEFI bootkit
Matthew Miller
mattdm at fedoraproject.org
Thu Sep 20 11:45:53 UTC 2012
On Thu, Sep 20, 2012 at 04:29:47AM -0700, jdow wrote:
> That is why I like my unique to the machine key that is supplied to the
> user along with the board serial number. So he can make changes. But the
> changes for his system cannot affect other systems. That would make
> custom signed Linux kernels possible for a person testing kernel builds
> or compiling in obscure filesystems, such as I do from time to time.
You will be able to do this -- at least, on x86. Some lobbying on the ARM
front is needed.
It won't be a key that's supplied to the user, though. The user will be able
to add their own.
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm at fedoraproject.org>
More information about the users
mailing list