[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] password command implementation

From: Marco Gerards
Subject: Re: [PATCH] password command implementation
Date: Wed, 08 Aug 2007 16:57:20 +0200
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)

Jordi Mallach <address@hidden> writes:

> On Tue, Aug 07, 2007 at 02:17:16PM +0200, Julien Ranc wrote:
>>  - plain text passwords are indeed very insecure, but I kept them, as it was
>> possible in Grub legacy. Should I remove them ?
> I think there's plenty of people who will have use for plain, insecure
> passwords.
> The first security problem of having access to the grub menu is that in
> a lot of cases, it is equal to having access to the hardware. That blows
> up pretty much all of your security measures, if you're not using
> encrypted filesystems or whatever.
> Plain password is easy to beat, but at least it adds a minimal layer of
> "annoyance" for anyone wanting to boot what they aren't supposed to
> boot.

So you want to make it possible to have plain text passwords because
it is easier to hack? :-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]