Other OSes like Linux try to maintain this security boundary, though: https://www.man7.org/linux/man-pages/man7/kernel_lockdown.7.html
That’s just a criticism of the Windows kernel.
Can’t root just modprobe a malicious driver to bypass these restrictions? The documentation speaks of signatures, but you can work around that by exploiting an old, signed driver just like on Windows.
You might be right. I think that the Linux kernel doesn’t have an ABI though, so I believe the driver has to be built for the current version of the kernel. I think the idea is also that the driver is signed by the distro, not Microsoft, so the risk of random drivers getting signed accidentally is probably much lower.
Depends, they can also be loaded via DKMS, which may not require it.
DKMS taints the kernel in most setups and also requires secure boot in most contexts, disabling lockdown mode and disabling most protections in the first place. If you use DKMS (to use the Nvidia driver, for example), the security boundary between root and kernel is basically nonexistent.
I’d love to see distros guide users to setting up secure boot properly (with custom certificates so Linux can be booted securely) but in practice most distros don’t have this protection boundary.
It kinda depends; on custom kernels DKMS can be incredibly helpful. Like for a hardened kernel, a lot of drivers may be loaded via DKMS.
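An added check, not posted by anyone in this thread: a POSIX shell script that reads the standard sysfs/procfs files to report whether lockdown mode, module signature enforcement, Secure Boot and the taint flags a DKMS build leaves behind actually close the root-to-kernel gap the comments describe. The verdict wording is my own; the file paths, taint bits and EFI variable layout are the kernel's documented ones.

```shell
#!/bin/sh
# Added example (not from the thread): audit whether the root-to-kernel boundary
# is enforced on this host, using the standard sysfs/procfs locations.
# Decode /proc/sys/kernel/tainted into the flags relevant to module loading:
# P proprietary, F force-loaded, O out-of-tree (what DKMS builds), E unsigned.
taint_flags() {
    mask=$1; out=""
    [ $((mask & 1)) -ne 0 ]    && out="${out}P"
    [ $((mask & 2)) -ne 0 ]    && out="${out}F"
    [ $((mask & 4096)) -ne 0 ] && out="${out}O"
    [ $((mask & 8192)) -ne 0 ] && out="${out}E"
    printf '%s' "$out"
}
# /sys/kernel/security/lockdown reads "none [integrity] confidentiality";
# the bracketed word is the active mode.
lockdown_mode() {
    line=${1#*"["}; printf '%s' "${line%%"]"*}"
}
# Verdict from lockdown mode, module.sig_enforce and the taint flags. Lockdown itself
# refuses unsigned modules, so sig_enforce matters when lockdown is off; E/F taint means one got in anyway.
assess() {
    mode=$1; sig=$2; flags=$3
    if [ "$mode" = none ]; then
        if [ "$sig" = Y ]; then echo "PARTIAL: unsigned modules refused, but no lockdown (see kernel_lockdown(7))"
        else echo "OPEN: no lockdown and unsigned modules are accepted"; fi
    else
        case "$flags" in
            *E*|*F*) echo "WEAK: lockdown=$mode but an unsigned/forced module is loaded (taint $flags)" ;;
            *O*)     echo "OK: lockdown=$mode; out-of-tree modules present (taint $flags), verify they are distro-signed" ;;
            *)       echo "OK: lockdown=$mode, no out-of-tree or unsigned modules" ;;
        esac
    fi
}
# Byte 4 of the EFI SecureBoot variable (after the 4-byte attribute header) is 1 when enabled.
secure_boot() {
    var=/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c
    [ -r "$var" ] || { echo unknown; return 0; }
    [ "$(od -An -tu1 -j4 -N1 "$var" | tr -d ' ')" = 1 ] && echo on || echo off
}
main() {
    mode=$(lockdown_mode "$(cat /sys/kernel/security/lockdown 2>/dev/null || echo '[none]')")
    sig=$(cat /sys/module/module/parameters/sig_enforce 2>/dev/null || echo N)
    flags=$(taint_flags "$(cat /proc/sys/kernel/tainted 2>/dev/null || echo 0)")
    echo "secure_boot=$(secure_boot) lockdown=$mode sig_enforce=$sig taint=${flags:-none}"
    assess "$mode" "$sig" "$flags"
}
main
```

Run it as root on a box with the Nvidia DKMS module loaded and you will typically see taint `PO` (or `POE` without signing), which is the "boundary is basically nonexistent" case from the comment above.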