From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1VMb8W-0007Lq-5z for mharc-grub-devel@gnu.org; Thu, 19 Sep 2013 06:07:00 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47624) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VMb8M-0007C3-HB for grub-devel@gnu.org; Thu, 19 Sep 2013 06:06:59 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VMb8E-0003f1-3E for grub-devel@gnu.org; Thu, 19 Sep 2013 06:06:50 -0400 Received: from mail-la0-x231.google.com ([2a00:1450:4010:c03::231]:57958) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VMb8D-0003el-Ra for grub-devel@gnu.org; Thu, 19 Sep 2013 06:06:42 -0400 Received: by mail-la0-f49.google.com with SMTP id ev20so6603143lab.36 for ; Thu, 19 Sep 2013 03:06:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type; bh=pb0uUY4i5yxeI+xjVMvnv8mJUD/Ly//yMmbEArqR0Go=; b=T+dzoBeqZYZTtvB3Ca/XM+9FztKaixtKjMREuhjAo3vXoBVb3FumgcNAckS3ljxbPm o44Awc1xVHXwJOPKX2Nzdb+tNi1NQWJnnfWKP669IxrI4b/Jre4Ugxw4BOZucXZXI8EK zmBr55BtJJh9KDn82Nagnf+NZDoMLZOd5UstDl6BtQx3FThLLig4wEdU9KUWv5ub82bq l+l/+xc71dpEfl0sTDPGF0q7muoZHW6Qn3fNMNS0ca5Dzq3zOAz+LPdMxr831R5pTMTY xdRpRu5Vl9huIccrOAVTwvZj++frm9siakkxvGhH5Nxj22nEtwyszcMmib9I+Eq67Ynh ySoQ== X-Received: by 10.152.37.166 with SMTP id z6mr595298laj.25.1379585200137; Thu, 19 Sep 2013 03:06:40 -0700 (PDT) Received: from opensuse.site (ppp91-76-143-238.pppoe.mtu-net.ru. [91.76.143.238]) by mx.google.com with ESMTPSA id vx8sm3539331lbb.8.1969.12.31.16.00.00 (version=SSLv3 cipher=RC4-SHA bits=128/128); Thu, 19 Sep 2013 03:06:39 -0700 (PDT) Date: Thu, 19 Sep 2013 14:06:34 +0400 From: Andrey Borzenkov To: grub-devel@gnu.org Subject: Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce Message-ID: <20130919140634.28aea421@opensuse.site> In-Reply-To: <523AA55F.4030604@gmail.com> References: <1378484333-13577-1-git-send-email-jonmccune@google.com> <1378484333-13577-3-git-send-email-jonmccune@google.com> <20130906234845.4eb45795@opensuse.site> <20130907133350.0a9f7c5d@opensuse.site> <523AA55F.4030604@gmail.com> X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.18; x86_64-suse-linux-gnu) Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/E_YzJp6suo1ier=N_kq/M_a"; protocol="application/pgp-signature" X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2a00:1450:4010:c03::231 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Sep 2013 10:06:59 -0000 --Sig_/E_YzJp6suo1ier=N_kq/M_a Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable =D0=92 Thu, 19 Sep 2013 09:18:55 +0200 Vladimir '=CF=86-coder/phcoder' Serbinenko =D0=BF=D0=B8= =D1=88=D0=B5=D1=82: > On 07.09.2013 11:33, Andrey Borzenkov wrote: > > So just use another environment block for untrusted variables, that's > > all. I do not see why any change in sources is required. > Trouble is that right now we unconditionally load all variables from > block, whether trusted or not. So by modifying untrusted but loaded > block you can override core variables i.a. check_signatures. That's why > some ability to filter is required. >=20 Yep, I realized this after replying. So extending load_env to take environment variable names is needed (somehow I was sure it already supported it). --Sig_/E_YzJp6suo1ier=N_kq/M_a Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlI6zKwACgkQR6LMutpd94zumgCeN30PXyFTMeocoyclCTbo3uVj ot0An1JW576D1VE+nuuojKIQFvoUvrBt =G+ld -----END PGP SIGNATURE----- --Sig_/E_YzJp6suo1ier=N_kq/M_a--