[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

a security bug..........

From: mathan gopal
Subject: a security bug..........
Date: Thu, 15 Jul 2004 19:19:19 -0700 (PDT)

Hello everyone,
               Actually i'm using grub-0.93 version.As
a matter of security,i tried to password protect my
grub.conf by adding a line password=<mypasswd> to the
kernel definition in the grub.conf file.Now i thought
everyhting is o.k.But when i rebooted my system and
pressed 'e' on the grub interface,the entire
definition of my kernel image,along with the line
password was diplayed!!!!!!!!!!!Now,anyone can read
the password and use tht passwd to pass kernel
Although,there is one way to password protect the menu
itself,i feel tht it'd be better if we can protect the
password of the kernel definition from being diplayed
on the interface.

Hope someone would hav found this mistake already.
i have not worked with the updated versions of grub.
do anyone know whether this mitake was rectified in
the latest version??????????

Also i had gone thru' the source code of grub0.93.
We can modify it to rectify this mistake by modifying
the print_entries() funtion of stage2.c file.

If not,pls do the change in th GRUB 2.0.
Hope,i'll get a reply from someone regarding this. 

with regards

Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!

reply via email to

[Prev in Thread] Current Thread [Next in Thread]