Hi Greg, On Friday 10 August 2012 15:15:15 Greg Freemyer wrote:
2) Is the functionality defined for using that database of MOKs sufficient for openSUSE needs.
I argue it is not.
The prime examples relate to OBS and SuseStudio. If each of those is provisioned with a unique MOK key and the validation key is made well known, then the SUSE approach will I'm sure include a relatively simple way for a user to install the validation key into the MOK database.
SuseStudio doesn't need keys; it doesn't build its own kernels or grub packages - it just pulls them from "somewhere" and puts them into the image. And just like we don't sign packages in any random build service project with the openSUSE key, we wouldn't be signing kernels from random OBS projects - only the openSUSE kernel would receive this signature. So in order to build a "malware" kernel and get it signed, you would have to submit that change to the openSUSE project and conceal it sufficiently to pass the review at package check-in.
But what if OBS and/or SuseStudio is used to create a kernel that gets designated as malware. I would like to see the openSUSE solution provide a way to black ball that kernel.
That's a good point. The only alternative would be to revoke the key in that case; and that's not attractive either. Olaf -- Neo didn't bring down the Matrix. SOA did. (soafacts.com) -------------------------------------------- Olaf Kirch - Director SUSE Linux Enterprise; R&D (okir@suse.com) SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org