© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Hi,
Enabling a DKMS package does indeed allow root to sign arbitrary modules. This is part of the compromise of being able to use DKMS packages.
Since this works as intended, I am marking this bug as invalid.
If you have a requirement in your environment where you do not wish the root user to be able to sign arbitrary modules, you must not install DKMS packages and enroll the extra key.