identifying which builds are signed
Mikus Grinbergs
mikus at bga.com
Fri Aug 1 11:36:06 EDT 2008
> olpc-update is presently only runnable on machines which have already
> passed the boot-lock; therefore its operation does not require any
> additional signatures.
Thank you. Now it makes sense to me -- a wrongdoer can insert a
device and try booting it (e.g., the four-game-button press) -- so
*what* he is trying to load needs to be verified for authenticity.
Whereas the 'olpc-update' user already has a running system, and
root privilege, so he is allowed to load.
Michael, thank you for this explanation (and for describing where
the signatures are contained). This is *much* clearer than the
wiki, which gives cookbook explanations but does not say "how come".
mikus
More information about the Devel
mailing list