R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?

From:	address@hidden
Subject:	R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Date:	Tue, 18 Jul 2017 12:38:33 +0200 (CEST)

Dear Colin,

I've read with interest your reply and i gave a look at the grub code.

You wrote an important assertion: "GRUB intentionally has no filesystem writing support".

So, the writing operations that grub can do, only be sent to a pre-allocated memory regions of the disk different in any case from that allocated by the OS for the filesystem, where the user data are stored.

This means that grub never can corrupt the user data.

Please, can you confirm if this my conclusion is right ? Because is this the crucial question i need to solve.

Thanks in advance.

Best Regards.

Vincenzo.

Forensic Consultant
Tribunale di Lecce

Studio: Strada di Garibaldi - Contrada Paradisi
73010 Lequile (LE)

cell: 339.7968555
skype: vincenzo.di_salvo

----Messaggio originale----
Da: address@hidden
Data: 17-lug-2017 19.48
A: <address@hidden>
Ogg: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?

On Mon, Jul 17, 2017 at 07:21:49PM +0200, address@hidden wrote:
> CAN GRUB IMPLICITLY WRITE TO A DRIVE ATTACHED TO A COMPUTER ?
>
> Implicitly means: without an explicit command from a user.

Please stop SHOUTING; it's generally considered rather rude.

GRUB intentionally has no general filesystem writing support. As far as
I'm aware there are exactly four ways for it to send any write commands
to disks:

1) The "save_env" command (grub-core/commands/loadenv.c) which writes
    key/value pairs to a small preallocated region of disk. This is
    used to communicate small amounts of information to the OS, such as
    whether the last request to boot a particular menu entry on only the
    next boot has been completed.

2) The "gptsync" command (grub-core/commands/gptsync.c), which does
    some MBR/GPT partition table mangling needed on some Apple models.

3) The similar "mactelbless" and "macppcbless" commands
    (grub-core/commands/macbless.c), which configure a file/directory on
    some Apple filesystems to be the 'blessed' boot image for that
    filesystem.

4) The "parttool" command (grub-core/commands/parttool.c,
    grub-core/parttool/), which can be used to make various
    modifications to MBR partition table entries.

GRUB is scriptable, so it isn't possible to give a general answer to
your question for all systems that might have custom configurations, but
the default configuration files only use the "save_env" and "parttool"
commands, the latter only in the case where a chainloadable operating
system was detected on a disk using the MBR partition table format. In
either case, it isn't going to write to a random USB device that's
attached to a machine, although save_env might write to the device it
believes holds /boot/grub/grubenv.

The low-level disk handling code is in grub-core/disk/.

--
Colin Watson                                       address@hidden

_______________________________________________
Grub-devel mailing list
address@hidden
https://lists.gnu.org/mailman/listinfo/grub-devel

[Prev in Thread]

Current Thread

[Next in Thread]

R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?, address@hidden, 2017/07/17
- R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?, address@hidden <=
  - Re: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?, Colin Watson, 2017/07/18

Prev by Date: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Next by Date: Re: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Previous by thread: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Next by thread: Re: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Index(es):
- Date
- Thread