Re: secure boot
From: Josselin Poiret
Subject: Re: secure boot
Date: Sun, 21 Aug 2022 10:46:51 +0200
Hi Antonio,
Antonio Carlos Padoan Junior <acpadoanjr@yahoo.com.br> writes:
> As far as I understand, Guix doesn't provide means to automatically sign
> bootloaders and kernels in order to use UEFI secure boot after each system
> reconfigure (assuming a PKI is properly implemented). Hence, using
> secure boot with Guix is currently not viable (am I correct?).
You're right, we don't really have any means to do that. It would have
to be done outside of the store, again, so that the private key doesn't
leak into it.
> In this context, can I assume that the risk of not having secure boot is
> minimized by the fact that in each system reconfiguration, the early
> boot chain is overwritten in such a way that, if a malicious is
> introduced somehow, it will be also overwritten? Am I correct?
A reconfigure would overwrite the bootloader, and most likely create a
new system generation with bootloader configuration.
> In addition, how much more difficult is it to introduce such malicious
> code in a Guix system given its functional approach and store system?
> (in comparison with other Linux distributions).
Nothing is stopping an attacker from overwriting your bootloader with
their own, which could load a kernel of their choosing. They would need
to be able to boot off something though. And once you're compromised
that way, I don't think you could consider running `guix system
reconfigure` an option.
Best,
--
Josselin Poiret