[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Re[2]: 'password' command in GRUB 2?
From: |
Robert Millan |
Subject: |
Re: Re[2]: 'password' command in GRUB 2? |
Date: |
Thu, 20 Aug 2009 18:32:14 +0200 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
On Wed, Aug 19, 2009 at 05:17:13PM +0200, Vladimir 'phcoder' Serbinenko wrote:
> On Wed, Aug 19, 2009 at 5:08 PM, Robert Millan<address@hidden> wrote:
> >
> > I agree with this proposal in general. Except with the concept of "users",
> > which I think might be overkill. GRUB is not a Un*x with its /home and
> > per-user settings. These passwords just protect resources, so I'm not sure
> > if there's a point in managing users as an intermediate layer between
> > passwords and the restricted resource.
> The concept of users allows to use other authentication methods then
> password. Consider a possibility of fingerprint authentications. 2
> users needing superuser privilegies can share the same password but
> have trouble sharing fingerprints. Another possibility is LUKS
> authentication - user is considered ok if his password unlocks the
> slot number N. If we ask users to share the same keyslot on luks we
> get in the way of luks keyphrase revocation.
> Additionally this simplifies the configuration as you don't need to
> write password at every menuentry directive.
> While the concept of users isn't strictly necessary it allows easy
> management of multiple authentication methods and is really helpful
> even for just managing multiple passwords
Ok. Then it might be a good thing to have those in our current model, even
if we don't support fingerprints yet.
I'm fine with the proposed design.
--
Robert Millan
The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove your data and not access it at all."
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/19
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/20
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/21
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/22
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/23
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/24
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/24
- Re: Re[2]: 'password' command in GRUB 2?, Felix Zielcke, 2009/08/25
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/25
- Re: Re[2]: 'password' command in GRUB 2?, Michal Suchanek, 2009/08/25
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/25