Y
Hacker News
new
|
ask
|
show
|
jobs
by
suihkulokki
3305 days ago
Shim is signed with microsoft key, does it still require custom mode for booting?
1 comments
Nullabillity
3305 days ago
Yes. Shim requires that your kernel is also signed, and also disables support for kernel modules.
link
xvilka
3305 days ago
And this shows why forcing that in shim was a bad idea. They should have made a version breaking the chain, and allowing to boot unsigned kernel.
link
Nullabillity
3304 days ago
No, this shows why (forcing) Secure Boot was a bad idea. Allowing Shim to load unsigned kernels would be equivalent to having it bypass SB in the first place, which Microsoft would presumably never sign.
link