Re: [PATCH] erase variable data on user unset

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] erase variable data on user unset

From:	Robert Millan
Subject:	Re: [PATCH] erase variable data on user unset
Date:	Sun, 10 Feb 2008 22:53:25 +0100
User-agent:	Mutt/1.5.13 (2006-08-11)

On Sun, Feb 10, 2008 at 04:38:37PM -0500, Isaac Dupree wrote:
> on second thought, if grub is going to be able to boot kernels that are 
> on encrypted partitions, the password might go more places in grub 
> and/or have to be retained until boot time, depending how it works...

Not until boot time, just up to the load command.  I guess you mean
something like:

echo -n "Password: "
read password
lvm_somecommand $password
linux (lvm-device)/boot/linux.img
unset password
boot

Here, the lvm module would be responsible for its own copy of the password.  It
does already know that sensitive information is being handled, so when
grub_lvm_fini() is called, it'll erase it.

The other copy is in the environment, so user clears it after loading linux,
because our env handler doesn't know that some variables might contain
sensitive info.

-- 
Robert Millan

<GPLv2> I know my rights; I want my phone call!
<DRM> What use is a phone call… if you are unable to speak?
(as seen on /.)

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] read --echo=[yes|no|wildcard], (continued)
- Re: [PATCH] read --echo=[yes|no|wildcard], Yoshinori K. Okuji, 2008/02/10
  - Re: [PATCH] read --echo=[yes|no|wildcard], Robert Millan, 2008/02/10

Prev by Date: Re: [PATCH] erase variable data on user unset
Next by Date: Re: Generic halt and reboot commands (was: Re: grub2 efi patches)
Previous by thread: Re: [PATCH] erase variable data on user unset
Next by thread: Re: [PATCH] read --echo=[yes|no|wildcard]
Index(es):
- Date
- Thread