Don't hook system services if shim has no built-in keys - efi-boot-shim.git - (mirror of https://github.com/vyos/efi-boot-shim.git)

diff options

author	Matthew Garrett <matthew.garrett@nebula.com>	2013-11-19 10:15:55 -0500
committer	Matthew Garrett <matthew.garrett@nebula.com>	2013-11-19 10:20:34 -0500
commit	8b48ec5c70cd97d37f48581a4eab8139c1a95a1f (patch)
tree	a15592d978b75cc8861122be2822543f4fba39dd /lib/variables.c
parent	d95b24bd02cf41cca9adebd95f10609d6424d2b3 (diff)
download	efi-boot-shim-8b48ec5c70cd97d37f48581a4eab8139c1a95a1f.tar.gz efi-boot-shim-8b48ec5c70cd97d37f48581a4eab8139c1a95a1f.zip

Don't hook system services if shim has no built-in keys

Shim should only need to enforce its security policy when its launching binaries signed with its built-in key. Binaries signed by keys in db or Mokdb should be able to rely on their own security policy. Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>

Diffstat (limited to 'lib/variables.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: