Re-announcing the first working version of my "FedoraBook" with SELinux and UEFI secure boot. Read-only /etc, split passwd/shadow/group/gshadow, TPM2 support with LUKS2 and clevis. Updates are done via A/B partitions.

pagure.io/FedoraBook

@juliank
No ostree, because I want:
* secure boot to the login screen
* immutable base OS
* ensured integrity to the login screen

So on the fedorabook, even a remote attacker gaining root cannot modify /usr without I/O errors.

@brejoc
Well, with symlinking the parts which need to be configurable to /cfg and hard patching binaries from /etc to /cfg here and there pretty well.

@harald_hoyer Interesting! But is it worth the effort? Usually you need root permissions to change files in /etc. Having root permissions would also allow you to make additional malicious modifications. So isn't it already too late at that point in time?

@brejoc
Well, even a remote attacker with root access should not be able to tamper with the boot process for the fedorabook.
So, if you restart fedorabook, no malicious code should execute until after you log in. At least, that is the goal.
