On 08/29/2015 12:52 PM, Paul Cartwright wrote:
I will try turning on secure-boot next time I reboot, to see if I can boot with it turned on.. define "tampered with".. what if you run grub2-mkconfig.. that tampers with it...
I mean that a root kit can't modify the system firmware, the shim, the grub2 binary, the kernel, or modules.
Naturally, you can modify the configuration file, but under Secure Boot, grub2 will only load signed binaries. grub2-mkconfig doesn't modify any of the binaries.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
