Don't hook system services if shim has no built-in keys - efi-boot-shim.git - (mirror of https://github.com/vyos/efi-boot-shim.git)

diff options

author	Matthew Garrett <matthew.garrett@nebula.com>	2013-11-19 10:20:34 -0500
committer	Matthew Garrett <matthew.garrett@nebula.com>	2013-11-19 10:20:34 -0500
commit	7c1f49dacc1c39e6286d6e27d4348ea34968a175 (patch)
tree	a15592d978b75cc8861122be2822543f4fba39dd /Cryptlib/Include/openssl/conf_api.h
parent	e60f118155e55f33c3ea9045abc2c43851d82516 (diff)
download	efi-boot-shim-7c1f49dacc1c39e6286d6e27d4348ea34968a175.tar.gz efi-boot-shim-7c1f49dacc1c39e6286d6e27d4348ea34968a175.zip

Don't hook system services if shim has no built-in keys

Shim should only need to enforce its security policy when its launching binaries signed with its built-in key. Binaries signed by keys in db or Mokdb should be able to rely on their own security policy. Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>

Diffstat (limited to 'Cryptlib/Include/openssl/conf_api.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: