Re: [PATCH] password command implementation

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] password command implementation

From:	Marco Gerards
Subject:	Re: [PATCH] password command implementation
Date:	Wed, 08 Aug 2007 16:57:20 +0200
User-agent:	Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)

Jordi Mallach <address@hidden> writes:

> On Tue, Aug 07, 2007 at 02:17:16PM +0200, Julien Ranc wrote:
>>  - plain text passwords are indeed very insecure, but I kept them, as it was
>> possible in Grub legacy. Should I remove them ?
>
> I think there's plenty of people who will have use for plain, insecure
> passwords.
>
> The first security problem of having access to the grub menu is that in
> a lot of cases, it is equal to having access to the hardware. That blows
> up pretty much all of your security measures, if you're not using
> encrypted filesystems or whatever.
>
> Plain password is easy to beat, but at least it adds a minimal layer of
> "annoyance" for anyone wanting to boot what they aren't supposed to
> boot.

So you want to make it possible to have plain text passwords because
it is easier to hack? :-)

--
Marco

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] password command implementation, Julien RANC, 2007/08/05
- Re: [PATCH] password command implementation, Marco Gerards, 2007/08/07
  - Re: [PATCH] password command implementation, Julien Ranc, 2007/08/07
    - Re: [PATCH] password command implementation, Jordi Mallach, 2007/08/07
    - Re: [PATCH] password command implementation, Marco Gerards <=
    - Re: [PATCH] password command implementation, Yoshinori K. Okuji, 2007/08/07

Prev by Date: Unable to compile grub
Next by Date: Re: multidistro grub2 idea
Previous by thread: Re: [PATCH] password command implementation
Next by thread: Re: [PATCH] password command implementation
Index(es):
- Date
- Thread