Comment 5 for bug 1571691

Pavel Rojtberg (rojtberg) wrote :

1. asks for a password
2. Setting SB State Failed
3. nothing says I should reboot
4. upon reboot configuration screen pops up and asks random characters from the password entered before
5. allows me to disable verification

in case the above is the correct user story, I have the following remark:

this seems to disable all verification after shim. Before the change the kernel was still verified and only the the modules were not.
Therefore I would say things were more secure before.

Is it possible to just disable signed module enforcement again?