Thread: Misc. BSD/UNIX Microsoft's Lennart Poettering proposes tightening up Linux boot process
View Single Post
  #1   (View Single Post)  
Old 28th October 2022
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,132
Default Microsoft's Lennart Poettering proposes tightening up Linux boot process
From https://www.theregister.com/2022/10/...ft_poettering/

Quote:
Lennart Poettering's latest blog post proposes moving the Linux boot process into a "Brave New Trusted Boot World" of cryptographically signed Unified Kernel Images.

Agent Poettering offers a mechanism for tightening up the security of the system startup process on Linux machines, using TPM 2.0 hardware. In brief, what he sees as the problem is that on hardware with Secure Boot enabled, while the boot process up to and including the kernel is signed, the next step, loading the initrd, is not. That's what he wants to fix.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote