[Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers

Christophe Fergeau cfergeau at redhat.com
Wed Feb 6 12:42:24 UTC 2013


On Fri, Feb 01, 2013 at 05:03:31PM +0100, Zeeshan Ali (Khattak) wrote:
> On Wed, Jan 30, 2013 at 10:26 AM, Christophe Fergeau
> <cfergeau at redhat.com> wrote:
> > On Tue, Jan 29, 2013 at 04:49:05PM +0200, Zeeshan Ali (Khattak) wrote:
> >> On Tue, Jan 29, 2013 at 11:15 AM, Christophe Fergeau
> >> <cfergeau at redhat.com> wrote:
> >> > On Mon, Jan 28, 2013 at 10:54:52PM +0200, Zeeshan Ali (Khattak) wrote:
> >> >> On Mon, Jan 28, 2013 at 6:13 PM, Christophe Fergeau <cfergeau at redhat.com> wrote:
> >> >> > On Mon, Jan 28, 2013 at 06:05:53PM +0200, Zeeshan Ali (Khattak) wrote:
> >> >> >> whats the difference between copyleft and free, as in Free Software?
> >> >> >> Reading this, I don't see any:
> >> >> >>
> >> >> >> http://en.wikipedia.org/wiki/Copyleft
> >> >> >
> >> >> > http://en.wikipedia.org/wiki/Copyleft#Types_of_copyleft_and_relation_to_other_licenses
> >> >>
> >> >> OK, I stand corrected about the exact definition of copyleft. :)
> >> >>
> >> >> Since you are stressing on this distinction, I imagine you know some
> >> >> free drivers out there that are signed?
> >> >
> >> > Nope, but that does not mean they do not exist.
> >>
> >> Well then I'm just not being very precise in my commit log. With the
> >> API I'm proposing, Apps can easily decide to not use unsigned drivers
> >> even if script supports it. So I don't see the need for Apps to have
> >> to use a configuration parameter to disable this manually.
> >
> > https://www.redhat.com/archives/libosinfo/2013-January/msg00108.html
> 
> I already replied to that:

You tried to reply, then we had a discussion about the wrong assumption on
which you based the 2nd paragraph. With that 2nd paragraph removed, this
does not leave a lot of compelling reasons for always disabling, even when
not needed, something that improves the security of the system.

> I'm not going to make it configurable unless you can suggest a
> solution for the problem mentioned in the first para.

You are the one who wants to be able to install unsigned drivers, one would
think it's up to you to try to suggest good ways of achieving that. I'm
personnally fine with not being to install unsigned drivers without getting
warnings (which solves your 'not configurable' requirement).

Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libosinfo/attachments/20130206/a83f73f1/attachment.sig>


More information about the Libosinfo mailing list