From: Robert Millan
To: The development of GRUB 2
Date: Sun, 10 Feb 2008 22:53:25 +0100
Message-ID: <20080210215325.GA8034@thorin>
In-Reply-To: <47AF6EDD.1020304@isaac.cedarswampstudios.org>
Subject: Re: [PATCH] erase variable data on user unset

On Sun, Feb 10, 2008 at 04:38:37PM -0500, Isaac Dupree wrote:
> on second thought, if grub is going to be able to boot kernels that are
> on encrypted partitions, the password might go more places in grub
> and/or have to be retained until boot time, depending how it works...

Not until boot time, just up to the load command.  I guess you mean something
like:

  echo -n "Password: "
  read password
  lvm_somecommand $password
  linux (lvm-device)/boot/linux.img
  unset password
  boot

Here, the lvm module would be responsible for its own copy of the password.
It does already know that sensitive information is being handled, so when
grub_lvm_fini() is called, it'll erase it.

The other copy is in the environment, so the user clears it after loading
linux, because our env handler doesn't know that some variables might contain
sensitive info.

-- 
Robert Millan

I know my rights; I want my phone call!
What use is a phone call… if you are unable to speak?
(as seen on /.)
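
The two copies described in the mail above, as an added example that is not part of the original message and not GRUB code: a variable store whose unset overwrites the data instead of only unlinking it, and a module that wipes its private copy in its fini hook. All identifiers and the sample password are constructed for illustration.

```c
/* Added illustration, not GRUB source: all identifiers are hypothetical. */
#include <stddef.h>
#include <string.h>
enum { NAME_LEN = 32, VAL_LEN = 64, NVARS = 8 };

struct env_var { char name[NAME_LEN]; char value[VAL_LEN]; int used; };
static struct env_var env[NVARS];   /* generic store, unaware of secrets */
static char module_key[VAL_LEN];    /* the module's private copy */
/* Volatile stores keep the compiler from dropping the wipe as a dead write. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *b = p;
    while (n--) *b++ = 0;
}
static int all_zero(const void *p, size_t n) {
    for (const unsigned char *b = p; n--; b++) if (*b) return 0;
    return 1;
}
static struct env_var *env_find(const char *name) {
    for (int i = 0; i < NVARS; i++)
        if (env[i].used && strcmp(env[i].name, name) == 0) return &env[i];
    return NULL;
}
static int env_set(const char *name, const char *val) {
    if (strlen(name) >= NAME_LEN || strlen(val) >= VAL_LEN) return -1;
    struct env_var *v = env_find(name);
    for (int i = 0; !v && i < NVARS; i++)
        if (!env[i].used) v = &env[i];
    if (!v) return -1;
    secure_wipe(v, sizeof *v);      /* no residue from a longer old value */
    strcpy(v->name, name);
    strcpy(v->value, val);
    v->used = 1;
    return 0;
}
/* "unset": erase the whole slot (name, value, flag), not just unlink it. */
static int env_unset(const char *name) {
    struct env_var *v = env_find(name);
    if (!v) return -1;
    secure_wipe(v, sizeof *v);
    return 0;
}
/* Module side: keeps its own copy and wipes it in its fini hook. */
static void module_take_key(const char *pw) { strncpy(module_key, pw, VAL_LEN - 1); }
static void module_fini(void) { secure_wipe(module_key, VAL_LEN); }
int main(void) {  /* constructed password; same order as the mail's script */
    env_set("password", "constructed-pw"); module_take_key("constructed-pw");
    env_unset("password"); module_fini();
    return !(all_zero(env, sizeof env) && all_zero(module_key, VAL_LEN));
}
```

Between the unset and the fini call the module's copy is still in memory, which is why each holder of the secret has to erase its own copy.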