SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
For me it's the principle of the thing. I refuse to let Microsoft approve what I can and can't boot on my own damn computer with the "signing." It's security theater, most generously, and another way to lock us out of anything but Windows.
If this means I eventually have to use USB boot devices, then so be it.
However, thanks for the lack of SecureBoot support, in the Slackware is ALWAYS possible to execute "whatever EFI binary" no matter if it's signed or not, which means that we have always the same effect as of BootHole issue.
Please, stop with the FUD.
SecureBoot is a hardware design feature. It is not an operating system feature.
Quote:
It was an ELILO bug, which passed to kernel uninitialized a particular memory area. BUT, I do not blame ELILO code and its developers. The code is 8 (eight) years old, after all.
Like syslinux, elilo instantiates a variable with an undefined value. The kernel now ensures that
variable has a suitable value for the section of code that makes use of it.
The Ventoy link is interesting, but irrelevant. If a user enrols a MOK, then that user accepts responsibility. As argued there, there may be a responsibility to provide suitable warnings upon potential misuse, but there is no requirement.
Distribution: VM Host: Slackware-current, VM Guests: Artix, Venom, antiX, Gentoo, FreeBSD, OpenBSD, OpenIndiana
Posts: 1,022
Rep:
Quote:
Originally Posted by Regnad Kcin
What to do if users all start to run amok because of SecureBoot?
Who gets blamed?
Users, pretty obvious: before installing OS/distro check what software can do.
I understand the question: there was someone who after several months of installing custom kernels did not know if he/she is running 32-bit or 64-bit OS and kernel. Then there was an absurd problem with 4.5GB modules just because users never bothered to use custom verified config just blindly installed "custom" kernels...
This is user fault nothing else.
If one does not know anything about OS, maybe should install easy distribution that do all for user. Some OS/distros Slackware, Gentoo, Artix, Venom, *BSDs require some input and knowledge.
This is so simple.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.