installation-guide: secure boot vs. boothole

To: debian-boot <debian-boot@lists.debian.org>
Subject: installation-guide: secure boot vs. boothole
From: Holger Wansing <hwansing@mailbox.org>
Date: Sun, 26 Dec 2021 14:50:32 +0100
Message-id: <[🔎] 20211226145032.34f3e2ef92ca46f37f1275e7@mailbox.org>

Hi all,

on the german l10n mailinglist a topic came up regarding the 'secure boot'
chapter in the installation-guide:
https://d-i.debian.org/manual/en.amd64/ch03s06.html#secure-boot


It was stated, that the manual declares Secure Boot as an unproblematic
function. And this in an unauthorized way, when looking at the BootHole 
security issues.


What do you think?
Should we mention these security issues (or the basic background behind all
this) in the guide? We may add a link to 
https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/
as an overview page for this topic.

Or do we ignore this - saying, that all software could have it's hidden
security holes and therefore there is no need to point out this explicitly
for the Secure Boot function?


Holger



-- 
Holger Wansing <hwansing@mailbox.org>
PGP-Fingerprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Reply to:

Prev by Date: Re: boot-installer accessability: edit in installation-guide
Next by Date: At what time of the install process a script is executed with 'preseed/run'?
Previous by thread: Bug#1002641: os-prober: does nothing without "systemd-journald" running (syslog is: /usr/sbin/rsyslogd -n -iNONE)
Next by thread: At what time of the install process a script is executed with 'preseed/run'?
Index(es):
- Date
- Thread