Fwd: Re: Security and grub2 (was: Debian Project News - May 31st, 2010)
I just got the e-mail bellow from one of our grub maintainers. I hope
that it is of help for you. Should you have any more questions /
concerns, feel free to contact them directly via the
firstname.lastname@example.org mailing list.
-------- Original-Nachricht --------
Betreff: Re: Security and grub2 (was: Debian Project News - May 31st, 2010)
Datum: Tue, 1 Jun 2010 21:05:41 +0100
Von: Colin Watson <email@example.com>
An: Alexander Reichle-Schmehl <firstname.lastname@example.org>
[Sorry, I'm reading this through the Alioth list archives and don't have
Wolfgang's e-mail address. Please forward as appropriate.]
On Mon, May 31, 2010 at 03:56:43PM +0200, Alexander Reichle-Schmehl wrote:
> Hi Wolfgang,
> Am 31.05.2010 15:33, schrieb Wolfgang Gruhn:
> >> William Pitcock explained  that due to some limitations (for example
> >> in the size of supported kernels) the boot loader LILO  is about to
> >> be removed from the upcoming release of Debian 6.0 "Squeeze". He
> >> therefore asked users to test the replacement boot loader GRUB 2 .
> > GRUB version 2 cannot be accepted (because of security reasons) as long
> > as the PASSWORD command is ignored. Please inform the developers to use
> > GRUB version 1 instead, thanks!
This is certainly out of date.
> To the best of my knowledge, GRUB 2 supports restricting different boot
> menus in a far more flexible way than GRUB 1 did. I found a small
> introduction at http://grub.enbug.org/Authentication, however I'm unsure
> about the plain text passwords statement and how to best integrate that
> into Debian's configuration handling.
PBKDF2 hashed passwords, as documented in the lower part of that page,
are supported in the current version in testing. There's no
grub-mkconfig (a.k.a. update-grub) support for either plain-text or
hashed passwords, so you won't find either in /etc/default/grub, but
it's perfectly possible to add this to one of the scripts in
/etc/grub.d/ and do whatever you want.
> GRUB maintainers, could you please comment on that?
Mostly it needs some half-decent documentation, and selection of one or
two primary workflows to automate via the standard grub-mkconfig
scripts. Saying that it "cannot be accepted (because of security
reasons)" seems like a bit of an overreaction, though.
Colin Watson [email@example.com]