proxmox-mirrors/fwupd
1
0
Fork 0
mirror of https://git.proxmox.com/git/fwupd synced 2025-05-17 07:01:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1b0b51e2a6
fwupd/policy
History
Richard Hughes 63bbbf544f Only allow signed firmware to be upgraded without a password 
This does not affect UEFI capsule updates as the signing is checked by the
machine itself. We don't know anything about the trust level at all because
NIST SP800-147 pretty much says we're not allowed to.

For BIOS or ColorHug updates however we really do need to request authentication
before downgrading or installing non-signed code.

At the moment only the Hughski Limited key is trusted for firmware, although I
hope in the future we can also include Red Hat, Microsoft, Intel, AMD and other
hardware vendors in that list too.

Fixes: https://github.com/hughsie/fwupd/issues/5
2015-04-14 16:19:39 +01:00
..
Makefile.am Allow any admin users to install system firmware without a password 2015-03-11 19:55:47 +00:00
org.freedesktop.fwupd.policy.in Only allow signed firmware to be upgraded without a password 2015-04-14 16:19:39 +01:00
org.freedesktop.fwupd.rules Allow any admin users to install system firmware without a password 2015-03-11 19:55:47 +00:00