Comment 17 for bug 2040137

I'm worried about the "disables the Shell only in SecureBoot and non-Setup mode" approach.

What are the "known mechanisms" to use the Shell to bypass Secure Boot?

Would any of these mechanisms persist through the following process?

- attacker reboots system and enters "bios" setup
- attacker disables secure boot
- attacker boots into Shell
- attacker fiddles the knobs
- attacker reboots system and and enters "bios" setup
- attacker enables secure boot
- attacker bypasses Secure Boot due to the knob fiddling

Thanks