Whitelisting only digitally signed binaries
Bruno Wolff III
bruno at wolff.to
Thu Sep 18 02:23:05 UTC 2008
On Wed, Sep 17, 2008 at 20:49:00 +0000,
Kevin Kofler <kevin.kofler at chello.at> wrote:
> McGuffey, David C. <DAVID.C.MCGUFFEY <at> saic.com> writes:
> > Has any work taken place in the Linux community toward building a
> > "trusted loader" into Linux. If so, what is the status? If not, why
> > not?
>
> This would be against the very idea of Free Software, i.e. the right to freely
> modify your software and use such modified versions.
> See e.g.: http://www.gnu.org/philosophy/can-you-trust.html
That depends on who has the keys. If the system admins can use their own
keys, then it isn't a problem.
More information about the fedora-list
mailing list