[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Menu locks / password authentication

From: Robert Millan
Subject: Re: Menu locks / password authentication
Date: Wed, 4 Mar 2009 22:04:49 +0100
User-agent: Mutt/1.5.18 (2008-05-17)

On Tue, Mar 03, 2009 at 05:32:40PM +0200, Vesa Jääskeläinen wrote:
> Robert Millan wrote:
> > It's funny, we're all discussing about performing security measurements in
> > GRUB and nobody mentioned that our user interface lacks even the most basic
> > lock mechanism :-)
> > 
> > Perhaps this would be a good time to retake the discussion on implementing
> > an equivalent to "lock" and "password" commands.  I think I even sent a 
> > patch
> > a while ago!
> > 
> > Vesa, do you still think we should design an extensible framework for
> > authentication before we do anything else?  I think it'd be interesting if
> > we could implement the lock/password paradigm, even if later it would be
> > replaced, since our users commonly need this, and it's blocking the
> > transition from GRUB Legacy.
> I think that most important thing at this time is to match needed
> functionality with GRUB legacy. So just make it clean and perhaps think
> a bit about how it can be easily extended :).
> I think there was some hash algorithms posted previously that could be
> used for this.

Hashing is nice, but basic password support can work without hash.  If you
give grub.cfg the proper perms, that is.

Anyway, for those interested:

Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."

reply via email to

[Prev in Thread] Current Thread [Next in Thread]