Follow-up Comment #2, bug #56423 (project grub):
Update: I observe the same behaviour on the 2.04 release, but I think that
I've resolved the issue. Setting check_signatures to "enforce" results in the
expected behaviour (modules load if pgp signed, even with the tpm module
unloaded).
While an argument could be made for treating modules separately to regular
signature verification (i.e, check their signatures even if signatures for
other files aren't being checked), I'd consider this partially resolved. The
bugs that I numbered 2 and 3 still remain, although these possibly are out of
scope of the bug that I filed.
Most importantly, in my opinion, the documentation should be updated to
clarify the standard behaviour here, as others might understand it as I did.
(I could possibly do this.)
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?56423>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
_______________________________________________
Bug-grub mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/bug-grub
