Re-announcing the first working version of my "FedoraBook" with SELinux and UEFI secure boot. Read-only /etc, split passwd/shadow/group/gshadow, TPM2 support with LUKS2 and clevis. Updates are done via A/B partitions.

No ostree, because I want:
* secure boot to the login screen
* immutable base OS
* ensured integrity to the login screen

So on the fedorabook, even a remote attacker gaining root cannot modify /usr without I/O errors.

Well, with symlinking the parts which need to be configurable to /cfg and hard patching binaries from /etc to /cfg here and there pretty well.

@harald_hoyer Interesting! But is it worth the effort? Usually you need root permissions to change files in /etc. Having root permissions would also allow you to make additional malicious modifications. So isn't it already too late at that point in time?

Well, even a remote attacker with root access should not be able to tamper with the boot process for the fedorabook.
So, if you restart fedorabook, no malicious code should execute until after you log in. At least, that is the goal.
