This wording is deliberate. The way that shim+mok works, when you make
this change, shim will willingly chainload anything you point it at.
This is functionally indistinguishable, security-wise, from disabling
Secure Boot in the firmware; it's just that by using MOK we're able to
do so in a way that's guided and consistent across all systems.
Describing this in terms of the technical details of MOK would be
confusing for users, and make it harder for them to understand the key
point that making this change disables the protection of Secure Boot.
The current wording has also been reviewed by the Design Team, passing
muster with both them and Foundations.
So we don't intend to change this dialog to talk about MOK. Closing
wontfix.
** Changed in: shim-signed (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1602605
Title:
Ambigous dialogue box when running update-secureboot-policy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1602605/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
