On 06/22/2018 05:15 PM, Chris Adams wrote: > Once upon a time, Matthew Miller <mat...@fedoraproject.org> said: >> On Fri, Jun 22, 2018 at 03:30:23PM -0400, Kyle Marek wrote: >>> Anaconda in F28 currently claims /boot cannot be vfat. However, this >>> appears to be an artificial limitation, because `grub2-install` works >>> and makes a bootable GRUB with a vfat-typed --boot-directory. >>> I'm not sure why there would be an issue with /boot being vfat. I guess >>> two good questions to ask that might offer some insight: >> Well, currently, we have things in there with different selinux >> labels.... > And basic Unix permissions... because there can be privileged content in > GRUB config and even initramfs.
That's interesting. I generally don't see /boot as something that normal users shouldn't be able to read. Or, in other words, I generally don't see it as a place where secret data should be stored. Any particular examples? _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/H2E27EMY6EMCZTYPKZVO5T7ZNVG3EO3S/
