Re: Security problem with GRUB 0.91

bug-grub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security problem with GRUB 0.91

From:	Yoshinori K. Okuji
Subject:	Re: Security problem with GRUB 0.91
Date:	Tue, 22 Jan 2002 08:17:15 +0900
User-agent:	Wanderlust/2.6.0 (Twist And Shout) SEMI/1.14.3 (Ushinoya) FLIM/1.14.3 (Unebigoryoae) APEL/10.3 Emacs/20.7 (i686-pc-linux-gnu) MULE/4.0 (HANANOEN)

At Mon, 21 Jan 2002 17:33:28 -0500,
Aaron D. Marasco <address@hidden> wrote:
> I am guessing this problem exists in other versions also. If I go to a 
> password protected menu option, I can happily press 'e' and see the 
> password if it is plaintext. Even worse, I can choose the password command 
> line and then delete it ('d') and then boot ('b') without the password 
> prompt ever coming up.

I don't think it is a problem. If you don't protect the menu interface
itself, you can always run whatever with the command-line
interface. So it doesn't make sense to protect only entries anyway. It
is something like you set passwords for ordinary users but not for
root.

Thanks,
Okuji

[Prev in Thread]

Current Thread

[Next in Thread]

Security problem with GRUB 0.91, Aaron D. Marasco, 2002/01/21
- Re: Security problem with GRUB 0.91, Yoshinori K. Okuji <=

Prev by Date: Security problem with GRUB 0.91
Next by Date: Issues booting from a SCSI drive
Previous by thread: Security problem with GRUB 0.91
Next by thread: Issues booting from a SCSI drive
Index(es):
- Date
- Thread