Bug#568750: live-initramfs: live-media=removable does not work as advertised
Package: live-initramfs
Version: 1.173.1-1
Severity: normal
Tags: security, patch
Hi,
The manpage section about the live-media= boot parameter states
that
the keyword 'removable' can be used to limit the search of
acceptable live media to removable type only.
The *only* part of the specification is pretty important when some
high degree of trust has to be put into a Live system: booting another
Live system than the one you think, without being told, can lead to
severe problems... especially for Live systems such as amnesia[1],
that aim at offering some privacy guarantees to their users. This is
why I set the security tag to this bug, which might be disputable.
The bugs/live-media branch of amnesia's Git repository[2] (Gitweb [3])
has a commit (5e8a2f10610d35fc40b859e8f15a9cd6f01827b9) that fixes
this issue, by actually implementing the documented behaviour.
So... please pull :)
[1] https://amnesia.boum.org/
[2] git://git.immerda.ch/amnesia_live-initramfs.git
[3] http://git.immerda.ch/?p=amnesia_live-initramfs.git;a=summary
Bye,
--
intrigeri <intrigeri@boum.org>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr-fingerprint.asc
| The impossible just takes a bit longer.
Reply to: