grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC] Boot parameters and geometrical stability

From: Robert Millan
Subject: Re: [RFC] Boot parameters and geometrical stability
Date: Thu, 4 Sep 2008 21:37:14 +0200
User-agent: Mutt/1.5.13 (2006-08-11) 
On Wed, Sep 03, 2008 at 08:49:14PM +0300, Vesa Jääskeläinen wrote:
> 
> Possibilites are there, but basically they are limited to something like:
> 
> (ata0) (pci-X-Y-Z:ata0) (usb-X-Y:scsi0) (pci-X-Y-Z:scsi0)

I think this is overkill, and doesn't really address the root of the problem.

The real security problem here is whether the executable code you're loading is
trusted, NOT where you load the code from.

When you use crypto checksums, if you get a match why would you care if you're
loading from (some-safe-disk) or from (evil-place)?  It's the same data!

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."
reply via email to
[Prev in Thread] Current Thread [Next in Thread]