On Mon, Jul 4 2022 at 09:55:20 AM +0200, Lennart Poettering
<mzerq...@0pointer.de> wrote:
Signing and authenticating the code is a good thing to protect
systems – it's a good thing if we can do so for the boot code too as
we boot.
Tangent:
After installing or upgrading your Fedora or RHEL system, you have to
accept a "do you trust this official Fedora project key" prompt or you
cannot install packages from the official repos. So all our users have
been trained to ignore warnings about untrusted packages because it's
mandatory to do so. If few users think twice about accepting a key as
long as it purports to be from "Fedora" or "Red Hat"... well, the whole
system is subverted. This needs a rethink.
Michael
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure