On 05/31/2012 01:03 PM, Matthew Garrett wrote: > On Thu, May 31, 2012 at 12:53:30PM -0400, Gerry Reno wrote: >> On 05/31/2012 12:51 PM, Matthew Garrett wrote: >>> On Thu, May 31, 2012 at 12:49:53PM -0400, Gerry Reno wrote: >>>> The issue could be solved by having the SecureBoot default setting depend >>>> on the OS being booted: >>>> >>>> SecureBoot should only be Default:ON for Microsoft OS's and any other OS's >>>> that want to deal with that >>>> >>>> and should be Default:OFF for all others. >>> How do you distinguish between a non-Microsoft OS and a piece of malware >>> that will then boot a Microsoft OS? >>> >> The Microsoft OS should refuse to boot if it is being invoked in an >> unauthorized manner. > How does the Microsoft OS know that it's being invoked in an > unauthorised manner? >
Could be any of a thousand ways to implement this. Maybe it checks the BIOS to determine whether some SecureBoot flag is set. . -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
