Security and grub2 (was: Debian Project News - May 31st, 2010)
Am 31.05.2010 15:33, schrieb Wolfgang Gruhn:
>> William Pitcock explained  that due to some limitations (for example
>> in the size of supported kernels) the boot loader LILO  is about to
>> be removed from the upcoming release of Debian 6.0 "Squeeze". He
>> therefore asked users to test the replacement boot loader GRUB 2 .
> GRUB version 2 cannot be accepted (because of security reasons) as long
> as the PASSWORD command is ignored. Please inform the developers to use
> GRUB version 1 instead, thanks!
To the best of my knowledge, GRUB 2 supports restricting different boot
menus in a far more flexible way than GRUB 1 did. I found a small
introduction at http://grub.enbug.org/Authentication, however I'm unsure
about the plain text passwords statement and how to best integrate that
into Debian's configuration handling.
GRUB maintainers, could you please comment on that?