[formerly_proven]

> Linux doesn't have driver signatures and root can easily install a new kernel module.

Linux supports signed kernel modules (and not just on paper, this is a widely deployed feature).

[ddtaylor]

Linux also has SELinux, root can't do everything there.

[NekkoDroid]

Yep, when booting with secure boot the kernel won't load any unsigned drivers.

[snvzz]

This claim still assumes there's no vulnerabilities in a TCB sized in the millions of LoCs.

No chance.

Look elsewhere for actual security.

Right now, elsewhere just happens to be seL4. Anything else is either still too green or an architectural non-starter.