ikidd@lemmy.world to Linux@lemmy.mlEnglish · edit-21 年前Microsoft Proposes "Hornet" Security Module For The Linux Kernellore.kernel.orgexternal-linkmessage-square37fedilinkarrow-up189file-textcross-posted to: linux@programming.dev
arrow-up189external-linkMicrosoft Proposes "Hornet" Security Module For The Linux Kernellore.kernel.orgikidd@lemmy.world to Linux@lemmy.mlEnglish · edit-21 年前message-square37fedilinkfile-textcross-posted to: linux@programming.dev
minus-squareozymandias117@lemmy.worldlinkfedilinkEnglisharrow-up11·1 年前If the executable binary has to be signed with a key, similar to the module signing key, Microsoft could sign their binaries This, along with secureboot, would prevent the owner of the machine from running eBPF programs Microsoft doesn’t want you to run, even with root
minus-squareMagiilaro@feddit.orglinkfedilinkarrow-up8·1 年前Yeah, that’s why I am against Microsoft Keys on my systems
minus-squareozymandias117@lemmy.worldlinkfedilinkEnglisharrow-up5·1 年前I wasn’t trying to give a positive side, I was just explaining why Microsoft wants the feature
If the executable binary has to be signed with a key, similar to the module signing key, Microsoft could sign their binaries
This, along with secureboot, would prevent the owner of the machine from running eBPF programs Microsoft doesn’t want you to run, even with root
Yeah, that’s why I am against Microsoft Keys on my systems
I fail to see the positive side of that…
deleted by creator
I wasn’t trying to give a positive side, I was just explaining why Microsoft wants the feature