From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1KarW1-0001Fs-U6 for mharc-grub-devel@gnu.org; Wed, 03 Sep 2008 08:31:17 -0400 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1KarW0-0001DC-GN for grub-devel@gnu.org; Wed, 03 Sep 2008 08:31:16 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1KarVz-0001Bj-Cy for grub-devel@gnu.org; Wed, 03 Sep 2008 08:31:15 -0400 Received: from [199.232.76.173] (port=36522 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1KarVz-0001BV-7e for grub-devel@gnu.org; Wed, 03 Sep 2008 08:31:15 -0400 Received: from fg-out-1718.google.com ([72.14.220.155]:50063) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1KarVz-00041b-IH for grub-devel@gnu.org; Wed, 03 Sep 2008 08:31:15 -0400 Received: by fg-out-1718.google.com with SMTP id l26so157344fgb.30 for ; Wed, 03 Sep 2008 05:31:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type:content-transfer-encoding; bh=Erl4airxD7s8+YwiLnhqPl9EUw/0o4uOFHDNEOvvHP0=; b=oLeTQHbgTGnEBj7yfuxv8vWt/dXFCpLixcptdN162xwtCH78JYEQBB+GMNP1DTA2RX K6UJ4Ks4/6vhg/IfLHm9UMyBKb3KpBfgXXo7lMYvXrhdgFDyUxPDMtJrfCEo7Ukw+Rzg itnoRLajlKGFsxuZO5gxHxRot/ECXZ7CA8z+w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; b=yAz6/KuBAsruPVWi/uS9mYvPuc/518ab+EYkYLRlt0mObgr5Afy2lfXhLp/xAizN4u G2IPBekwT/P7Ok0HcGIoClg2gMC5NZM+uXg9RX6HecyoQzPa44adwjFNUBdcntPw0Y2Z YE42Pf4SYekTpxo5oddtTDldjTE0+U4VvLcVk= Received: by 10.86.79.19 with SMTP id c19mr6630350fgb.5.1220445074182; Wed, 03 Sep 2008 05:31:14 -0700 (PDT) Received: from ?192.168.1.15? ( [83.76.170.177]) by mx.google.com with ESMTPS id 4sm9764761fgg.4.2008.09.03.05.31.12 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 03 Sep 2008 05:31:12 -0700 (PDT) Message-ID: <48BE838E.9090204@gmail.com> Date: Wed, 03 Sep 2008 14:31:10 +0200 From: phcoder User-Agent: Thunderbird 2.0.0.16 (X11/20080724) MIME-Version: 1.0 To: The development of GRUB 2 References: <48BE5DE9.4090302@gmail.com> <20080903103654.GC29762@thorin> In-Reply-To: <20080903103654.GC29762@thorin> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-detected-kernel: by monty-python.gnu.org: Linux 2.6 (newer, 2) Subject: Re: [RFC] Boot parameters and geometrical stability X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GRUB 2 List-Id: The development of GRUB 2 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Sep 2008 12:31:16 -0000 Robert Millan wrote: > On Wed, Sep 03, 2008 at 11:50:33AM +0200, phcoder wrote: >> Hello, all. >> Now when core image can be booted by multiple sources perhaps it would >> be a good idea to recieve some boot arguments in case boot method (e.g. >> multiboot) supports it. Probably the best way is to recieve pairs >> which can be easily imported to environment. > > I assume you talk about GRUB loading itself; what kind of information would > you pass from one GRUB to the other? Boot device, configuration file, parameters for scripts. But much more useful this is for network boot. In this case GRUB can recieve server info in boot parameters so when this info changes there is no need to regenerate grub images. > >> but this comprises a >> security risk in case an attacker can plug a device (cdrom, floppy, >> USB-memory,..) containing a partition with the same UUID. What do you >> think about it > > I think people who want this level of security (i.e. local media is not > trusted) should use crypto checksums to verify they're loading what they > expected, with or without UUIDs. > I was thinking about the scenario when ide drives are trusted but not USB or removable devices. Cryptographic checksums wouldn't bring much because if attacker can modify harddrive he can also modify GRUB to skip checksum check. Vladimir 'phcoder' Serbinenko