On 08/29/2015 04:20 AM, Paul Cartwright wrote:
that may be true, but however I got my fedora installed on this UEFI box is the way I am leaving it.. I am pretty sure I have secure boot turned off. it works, and I go with the KISS method, it works, I'm leaving it alone:)
Secure Boot is an effective mitigation against some features of root kits, and really should be enabled everywhere possible.
Under Secure Boot, the firmware will not load a boot loader if it has been tampered with, which will not load a kernel that has been tampered, which will not load modules that have been tampered. With that chain of protection, it becomes very difficult for a root kit to modify the kernel to fully hide its sockets, processes, and files, which is a common feature of root kits on systems which do not offer such protection.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
