• thearch@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    33
    ·
    4 months ago

    It’s supposed to prevent unsigned files from being loaded by the UEFI (AFAIK) which could possibly help with rootkits, if it doesn’t somehow sign itself. However, these are pretty rare if you don’t allow sketchy software to access your boot partition, and will often cause issues with non major Linux distros.