Re: [PATCH] broken ESC navigation if authentication is used

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] broken ESC navigation if authentication is used

From:	Vladimir 'φ-coder/phcoder' Serbinenko
Subject:	Re: [PATCH] broken ESC navigation if authentication is used
Date:	Sun, 8 Nov 2015 21:55:32 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.3.0

On 11.06.2015 05:55, Andrei Borzenkov wrote:
> В Wed, 10 Jun 2015 21:35:51 +0200
> "Vladimir 'phcoder' Serbinenko" <address@hidden> пишет:
> 
>> This patch may allow to escape to shell if menu was called from context
>> without menu entries. This may happen inadvertently I.a. when using
>> configfile. You need to add an additional parameter to indicate whether
>> it's OK to break from menu
> 
> Could you explain? Grub does
> 
> grub_enter_normal
>   grub_normal_execute
>     grub_show_menu
>   grub_cmdline_run
> 
> if after processing config file there are no menu entries we do not
> even call grub_show_menu. And even if we do, after return from it there
> is mandatory authentication in grub_cmdline_run.
> 
Imagine something like following:
grub.cfg:
# Use another config file
configfile grub2.cfg
grub2.cfg:
superusers=root
....
Then pressing escape would lead you to the parent context where there is
no password protection.
Question is whether this is a misconfiguration on grub.cfg side (i.a.
should have been source, not configfile) or something to deal on code side.
> I see how it could happen in original commit when authentication was
> added, but I miss code path that cause it now. 
> 
>> Le 10 juin 2015 21:32, "Andrei Borzenkov" <address@hidden> a écrit :
>>
>>> В Wed, 10 Jun 2015 18:29:59 +0200
>>> Florian Kaiser <address@hidden> пишет:
>>>
>>>> Hi,
>>>>
>>>> we are using grub2 with authentication enabled and multiple submenus.
>>>> Unfortunately it is not possible to return to a previous menu with ESC
>>> without
>>>> triggering a superuser password prompt. This is not the desired behavior
>>> in
>>>> my opinion.
>>>> I attached a patch to this email, which removes the password prompt when
>>>> pressing escape.
>>>>
>>>
>>> Looks OK; I'm not sure why this was needed in the first place - it does
>>> not look like it is even possible to exit primary menu.
>>>
>>> Vladimir, OK to commit?
>>>
>>> _______________________________________________
>>> Grub-devel mailing list
>>> address@hidden
>>> https://lists.gnu.org/mailman/listinfo/grub-devel
>>>
> 
> 
> _______________________________________________
> Grub-devel mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/grub-devel
>

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] broken ESC navigation if authentication is used, Vladimir 'φ-coder/phcoder' Serbinenko <=
- Re: [PATCH] broken ESC navigation if authentication is used, Andrei Borzenkov, 2015/11/10
- Re: [PATCH] broken ESC navigation if authentication is used, Andrei Borzenkov, 2015/11/12

Prev by Date: Re: [PATCH v2 1/6] gitignore: Ignore *.orig, *.rej and *.swp files
Next by Date: [PATCH] arm64: Add the introduction of xen boot commands in docs/grub.texi
Previous by thread: Re: [PATCH v2 5/6] multiboot2: Add support for relocatable images
Next by thread: Re: [PATCH] broken ESC navigation if authentication is used
Index(es):
- Date
- Thread