On Fri, 6 Jul 2012, Rick Thomas <rbtho...@pobox.com> wrote: > We need a "stage-1" boot loader, signed by somebody trusted (FSF? > SFLC?) with a key that will be recognized by the SecureBoot BIOS. > This is an un-changable binary blob, so it can't be GPL (is this a > problem?)
There is no reason why GPL source can't be used for an unchangable binary. As long as the source is supplied then it's not a problem. Every Debian package is an unchangable binary, we don't change binaries we just replace them with newer versions. There is a huge range of embedded devices with the Linux kernel (and other GPL software) in ROM which almost never get updated. A Linux kernel in a mobile phone which has a locked boot loader is no different in terms of license from a secure boot loader under the GPL. Using GPL licensed software to enforce signature checks is not a problem either. We have GPG (and many other programs) for checking signatures and doing encryption and we have SE Linux (and many other options) for access control. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201207061458.32921.russ...@coker.com.au
