Re: Suggestion: Use a unified kernel image by default in the future.

[Sharpened Blade via devel]

This is a good idea, but some users might want to modify or need to modify the 
command line to boot, if it was signed using fedoras key, then you cant do 
that. Also some users dont like keeping their trust in fedora and would like to 
modify their kernel freely. Also, though the private key is something attackers 
want, if they can read or write the private key, then they can just as easily 
modify systemd, and get root, or install ssh with their own keys, at that point 
secure boot will not help you.
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure