[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Re[2]: 'password' command in GRUB 2?
From: |
Felix Zielcke |
Subject: |
Re: Re[2]: 'password' command in GRUB 2? |
Date: |
Tue, 25 Aug 2009 16:35:36 +0200 |
Am Dienstag, den 25.08.2009, 01:58 +0200 schrieb Vladimir 'phcoder'
Serbinenko:
> On Tue, Aug 25, 2009 at 12:36 AM, Robert Millan<address@hidden>
> wrote:
> >
> > I had a look at grub_cmdline_get(), and it would need some
> restructuring in
> > order not to enforce static allocation. I admit it doesn't make
> sense to
> > put this patch on hold because of it.
> >
> > Vladimir, please go ahead with your latest patch. I will try to
> change
> > grub_cmdline_get() semantics later if I get some time.
> >
> Comitted. Beware that it needs more review and testing before
> considering it somewhat secure (well we don't really need to be more
> secure than firmware password unless we're firmware).
> Additionally using plaintext support (currently the only supported) is
> a bad practise. I'll look if I have time to implement a form of
> cryptographic password (e.g. scrypt) before 1.97 freeze.
Does it has the same problem as CVE-2008-3896 published for grub-legacy?
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3896
--
Felix Zielcke
Proud Debian Maintainer
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/19
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/20
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/21
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/22
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/23
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/24
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/24
- Re: Re[2]: 'password' command in GRUB 2?,
Felix Zielcke <=
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/25
- Re: Re[2]: 'password' command in GRUB 2?, Michal Suchanek, 2009/08/25
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/25
- Re: Re[2]: 'password' command in GRUB 2?, Michal Suchanek, 2009/08/26
- Re: Re[2]: 'password' command in GRUB 2?, Vladimir 'phcoder' Serbinenko, 2009/08/26
- Re: Re[2]: 'password' command in GRUB 2?, Robert Millan, 2009/08/28