[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Unlock LUKS with login/password

On Mar 10, Stephan Verbücheln <verbuecheln@posteo.de> wrote:

> Apart from the fact that UEFI Secure Boot is an overly complex monster
> which is basically broken[1] by design, my understanding of it is also
> that it does not protect configs, initramfs etc. in /boot. It only
> protects the kernel image and loaded modules.
It can, with an appropriate configuration.

> In addition, files in /boot like the initrd are generated individually
> and may contain files not limited to what someone puts into /boot
> intentionally. In contrast to /boot/efi, /boot does not only contain
> static files delivered by the distribution.
In the future the initramfs will (usually) be static as well.


Attachment: signature.asc
Description: PGP signature

Reply to: