[sf-lug] Linus say no change to Kernel to ease MS signing
Rick Moen
rick at linuxmafia.com
Thu Feb 28 11:47:13 PST 2013
[about a recent Torvalds rant:]
> LWN.net subscribers will probably find that this Wednesday's edition
> includes thoughtful comments by Jon Corbet or someone similar.
> (Non-subscribers can read each weekly edition eight days after
> publication.)
Subscriber link here, as predicted: https://lwn.net/Articles/540287/
The kernel does not run programs in Microsoft's Portable Executable
(PE) format. So when a patch came along adding support for those
binaries -- not to run programs, but to use them as a container for
trusted keys -- the reaction was not entirely positive. [...]
[T]here are some fundamental questions about how Linux should support
the UEFI secure boot mechanism...
[big snip]
Security, [Torvalds] says, should be in the control of the users;
it should not be a mechanism used to strengthen a big company's
control. [...]
The other reason that this patch is running into resistance is that
there is widespread skepticism of the claim that the loading of unsigned
modules must be blocked in the first place. [...]
As I expect from Jon Corbet pieces, it's a good (i.e., enlightening and
well-thought-out article. To read more, subscribe to LWN.net, which is
a subscriber-supported magazine -- or wait a week.
More information about the sf-lug
mailing list