From: "Yoshinori K. Okuji" <okuji@enbug.org>
To: The development of GRUB 2 <grub-devel@gnu.org>
Subject: Re: GRUB2 Build on Mac OS X
Date: Sat, 10 Dec 2005 01:18:10 +0100 [thread overview]
Message-ID: <200512100118.10596.okuji@enbug.org> (raw)
In-Reply-To: <1134085204.2590.50.camel@localhost.localdomain>
On Friday 09 December 2005 12:40 am, Peter Jones wrote:
> Now, the obvious retort to this is that no setuid programs are calling
> grub, so it's not even one of those cases. That's not a good answer
> either. I've got one I'd really *like* to call grub from, and it is
> pm-hibernate, through consolehelper, and they both accept some degree of
> user input from whoever's logged in on the console.
>
> I'd really like to make it so that if somebody has 2 kernels installed,
> boots the non-default one, hibernates their laptop, and unsuspends
> without paying attention, it doesn't die a horrible death. The most
> obvious way to do that is to make pm-hibernate set the next-boot device
> to the currently running one.
I don't agree. Here what you need to use is grub-setdefault but not grub
itself. grub-setdefault is just a shell script, so it does not matter whether
we use nested functions or not in the C code.
I don't see any security concern in GRUB. At least I haven't seen any scenario
yet. I don't say that it is good that GCC generates code to use a stack for
executing code, because it is hard to find a bug when buffer overflow happens
due to a programming mistake. But I don't think executable stacks are bad
*for security* in GRUB.
Okuji
next prev parent reply other threads:[~2005-12-10 0:18 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-08 6:10 GRUB2 Build on Mac OS X Andre Smith
2005-12-08 12:26 ` Marco Gerards
2005-12-08 16:27 ` Peter Jones
2005-12-08 18:25 ` Yoshinori K. Okuji
2005-12-08 23:40 ` Peter Jones
2005-12-10 0:18 ` Yoshinori K. Okuji [this message]
2005-12-10 14:32 ` Marco Gerards
2005-12-08 18:45 ` Marco Gerards
2005-12-08 19:10 ` Andrei Warkentin
2005-12-08 20:00 ` Marco Gerards
2005-12-08 20:10 ` Andrei Warkentin
2005-12-08 20:14 ` Marco Gerards
2005-12-08 20:51 ` Andrei Warkentin
2005-12-09 22:49 ` Hollis Blanchard
2005-12-09 23:07 ` Peter Jones
2005-12-09 23:32 ` Marco Gerards
2005-12-10 0:23 ` Yoshinori K. Okuji
2005-12-10 18:52 ` Peter Jones
2005-12-09 23:26 ` Marco Gerards
2005-12-08 15:09 ` Andrei Warkentin
-- strict thread matches above, loose matches on Subject: below --
2005-12-08 22:01 andre-smith
2005-12-08 23:06 ` Andrei Warkentin
2005-12-09 21:34 ` Marco Gerards
2005-12-08 23:18 ` Andrei Warkentin
2005-12-09 21:40 ` Marco Gerards
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200512100118.10596.okuji@enbug.org \
--to=okuji@enbug.org \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.