Re: Re[2]: 'password' command in GRUB 2?

[Robert Millan]

On Sun, Jul 26, 2009 at 06:20:03PM +0200, Vladimir 'phcoder' Serbinenko wrote:
> I think you underestimate yourself. Especially if we agree on function
> propotypes you are completely able to implement. Discussing on IRC I
> formulated 3 criteria which our system must satisfy:
> (1) you can't access shell without authenticating as "superuser".
> (2) boot some entries without authenticating as one of users (list of
> allowed users may differ per menuentry)
> (3) new autentication schemes (e.g. ssh keys) should be implementable as 
> modules
> 
> I propose following implementation guidelines:
> Syntax:
> set superusers=root,gnu
> password root "GRUB"
> md5_password operator $MD5$MD5$MD5
> fingeprint gnu /gnu.fp
> menuentry "single mode" --users root,operator {
>   ....
> }
> 
> Wher user tries to authenticate GRUB2 will ask him login and then call
> a function from module
> 
> Prototypes:
> grub_err_t grub_auth_register_authentication (const char *user,
> grub_err_t (*callback) (const char*, void *), void *arg);
> this will ask to call callback if login is USER.
> grub_err_t grub_auth_authenticate (const char *user);
> grub_err_t grub_auth_deauthenticate (const char *user);
> grub_err_t grub_auth_check_authentication (const char *userlist);
> 
> grub_auth_check_authentication will output login prompt if no user
> from userlist is already authenticated

I agree with this proposal in general.  Except with the concept of "users",
which I think might be overkill.  GRUB is not a Un*x with its /home and
per-user settings.  These passwords just protect resources, so I'm not sure
if there's a point in managing users as an intermediate layer between
passwords and the restricted resource.

What does everyone else think?

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."