Re: Re-enabling os-prober for live images?
On Mon, Mar 06, 2023 at 02:38:53PM +0000, Steve McIntyre wrote:
> jcc@debian.org wrote:
> >Since the grub 2.06 upload, os-prober is now disabled by default. This
> >means that other operating systems are no longer detected and added to
> >grub by default in Debian 12.
> >I haven't followed further on to which solution they went with, but
> >since it's so late in the development cycle, wouldn't it make sense to
> I'm also pondering tweaking things in d-i to re-enable os-prober if
> the system looks like it might have some other OS installed. Yes, I
> realise that may sound odd(!), but I can see a number of users
> complaining that their dual-boot system doesn't work any more... :-/
At this point, I'd just enable os-prober unconditionally, and think of a
wrapped solution for the future. The "disable os-prober" change trades
a major usage regression for hardening an issue that can be trivially
exploited in a number of other ways anyway.
Our current current state of resistance against physical access is bad
enough that _today_ I'd say this sacrifice is not worth it. I don't quite
see any short-term developments that would improve it (there's plenty of
snakeoil, disturbing DRM schemes, while no one bothers to deploy projects
that'd make physical security friendly to the user. But /rant.).
Thus my suggestions would be either:
* just re-enabling os-prober, or
* checking if we're on an encrypted filesystem.
Your idea of checking whether there's a second OS installed has its merit,
but would mysteriously fail to offer boot choice if we're the old OS (ie,
possibly the one being replaced and kept just in case).
Meow!
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Q: Is it ok to combine wired, wifi, and/or bluetooth connections
⢿⡄⠘⠷⠚⠋⠀ in wearable computing?
⠈⠳⣄⠀⠀⠀⠀ A: No, that would be mixed fabric, which Lev19:19 forbids.
Reply to: