Subject: | |
From: | |
Reply To: | |
Date: | Thu, 28 Feb 2013 16:08:15 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On 2013/02/28 11:56, Tom H wrote:
> On Thu, Feb 28, 2013 at 2:38 PM, Robert Blair <[log in to unmask]> wrote:
>> On 02/28/2013 01:35 PM, Tom H wrote:
>>>
>>> I wouldn't be surprised if SB became "un-disable-able" in the next
>>> few years. We'd then have to use an MS-signed shim to boot, as is
>>> now the case with the default Fedora and Ubuntu SB setups.
>>
>> Maybe I've missed something here. If a generic "MS signed shim" is
>> available what value does this add? Wouldn't such a shim make booting
>> anything alternative possible?
>
> I'm sorry. It's not as generic as I made it look. AIUI, the shim is a
> basic stage 1 (or maybe stage 0.5) bootloader whose signature's
> validated against an MS key in the computer's ROM. Grub and the kernel
> (and its modules in Fedora's case but not in Ubuntu's) are then
> validated against a Fedora key in the shim.
Which is the end of compiling your own code.
{^_^}
|
|
|