|
| From: | Vladimir 'phcoder' Serbinenko |
| Subject: | Re: Re[2]: 'password' command in GRUB 2? |
| Date: | Tue, 25 Aug 2009 21:54:29 +0200 |
> However, that CVE is about grub leaving its passwords in memory. > Wiping memory used by grub should be fast - orders of magnitude faster > than loading the OS kernel for example. Actually this specific report is about BIOS leaving its keyboard buffer - you can find BIOS password there too. As BIOS is proprietary firmware whatever we do we can never ensure it being secure. Even the task to just wipe grub's memory would take time to implement. I'll do it but probably timeframe before release freeze is too short. > > Thanks > > Michal > > Thanks > > Michal > > > _______________________________________________ > Grub-devel mailing list > address@hidden > http://lists.gnu.org/mailman/listinfo/grub-devel > -- Regards Vladimir 'phcoder' Serbinenko Personal git repository: http://repo.or.cz/w/grub2/phcoder.git
| [Prev in Thread] | Current Thread | [Next in Thread] |