Re: Re-enabling os-prober for live images?
On Mon, Mar 06, 2023 at 02:38:53PM +0000, Steve McIntyre wrote:
> email@example.com wrote:
> >Since the grub 2.06 upload, os-prober is now disabled by default. This
> >means that other operating systems are no longer detected and added to
> >grub by default in Debian 12.
> >I haven't followed further on to which solution they went with, but
> >since it's so late in the development cycle, wouldn't it make sense to
> I'm also pondering tweaking things in d-i to re-enable os-prober if
> the system looks like it might have some other OS installed. Yes, I
> realise that may sound odd(!), but I can see a number of users
> complaining that their dual-boot system doesn't work any more... :-/
At this point, I'd just enable os-prober unconditionally, and think of a
wrapped solution for the future. The "disable os-prober" change trades
a major usage regression for hardening an issue that can be trivially
exploited in a number of other ways anyway.
Our current current state of resistance against physical access is bad
enough that _today_ I'd say this sacrifice is not worth it. I don't quite
see any short-term developments that would improve it (there's plenty of
snakeoil, disturbing DRM schemes, while no one bothers to deploy projects
that'd make physical security friendly to the user. But /rant.).
Thus my suggestions would be either:
* just re-enabling os-prober, or
* checking if we're on an encrypted filesystem.
Your idea of checking whether there's a second OS installed has its merit,
but would mysteriously fail to offer boot choice if we're the old OS (ie,
possibly the one being replaced and kept just in case).
⣾⠁⢠⠒⠀⣿⡁ Q: Is it ok to combine wired, wifi, and/or bluetooth connections
⢿⡄⠘⠷⠚⠋⠀ in wearable computing?
⠈⠳⣄⠀⠀⠀⠀ A: No, that would be mixed fabric, which Lev19:19 forbids.