grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC] Boot parameters and geometrical stability

From: phcoder
Subject: Re: [RFC] Boot parameters and geometrical stability
Date: Thu, 04 Sep 2008 23:40:32 +0200
User-agent: Thunderbird 2.0.0.16 (X11/20080724) 
Robert Millan wrote:
> On Wed, Sep 03, 2008 at 08:49:14PM +0300, Vesa Jääskeläinen wrote:
>> Possibilites are there, but basically they are limited to something like:
>>
>> (ata0) (pci-X-Y-Z:ata0) (usb-X-Y:scsi0) (pci-X-Y-Z:scsi0)
> 
> I think this is overkill, and doesn't really address the root of the problem.
> 
> The real security problem here is whether the executable code you're loading 
> is
> trusted, NOT where you load the code from.
If the code is loaded from the same place as we do then we can trust it
(if attacker could modify the code, he could also modify us)
> 
> When you use crypto checksums, if you get a match why would you care if you're
> loading from (some-safe-disk) or from (evil-place)?  It's the same data!
> 
Yes it is. But I don't know how big the crypto-checksum-check module
would be.
Vladimir 'phcoder' Serbineko
reply via email to
[Prev in Thread] Current Thread [Next in Thread]