[kernel-bugs] [Bug 1173158] CONFIG_MODULE_SIG=y
https://bugzilla.suse.com/show_bug.cgi?id=1173158
https://bugzilla.suse.com/show_bug.cgi?id=1173158#c55
--- Comment #55 from Martin Wilck
The LOCK_DOWN_IN_EFI_SECURE_BOOT=n can be used to disable the connection between secure boot with kernel lock down mode. But that means we must maintain a Leap flavor kernel config.
Right, see comment 45. If we follow that route, we should review in some more detail which lockdown-related settings we want to change. Also, we'd want to use a different signature for that kernel. Otherwise, the "nolockdown" kernel would just be the malware writers' method of choice to persistently subvert otherwise secure systems. -- You are receiving this mail because: You are the assignee for the bug.
participants (1)
-
bugzilla_noreply@suse.com