From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with archive (Exim 4.43)
	id 1MrfQl-0000w3-Hu
	for mharc-grub-devel@gnu.org; Sat, 26 Sep 2009 18:07:51 -0400
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MrfQj-0000vc-DS
	for grub-devel@gnu.org; Sat, 26 Sep 2009 18:07:49 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MrfQc-0000u5-S0
	for grub-devel@gnu.org; Sat, 26 Sep 2009 18:07:47 -0400
Received: from [199.232.76.173] (port=54909 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MrfQc-0000u2-KD
	for grub-devel@gnu.org; Sat, 26 Sep 2009 18:07:42 -0400
Received: from mail-fx0-f205.google.com ([209.85.220.205]:49655)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <phcoder@gmail.com>) id 1MrfQc-0006Di-3y
	for grub-devel@gnu.org; Sat, 26 Sep 2009 18:07:42 -0400
Received: by fxm1 with SMTP id 1so2862498fxm.31
	for <grub-devel@gnu.org>; Sat, 26 Sep 2009 15:07:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:message-id:date:from
	:user-agent:mime-version:to:subject:references:in-reply-to
	:content-type:content-transfer-encoding;
	bh=HsUZnyEEyQ2iTv+otI35GWIk1WpLk4OhW16K4c3U7E8=;
	b=ViqINIMKe4rXZBjHNkipjl0xTI2Hkx+YB6yt8APaSFNHJEzyC9+vRJKuQKB5oi9Ogk
	0sf1BatuXbXgiUCDwu/kHZoUS8NTtYf/gNs7hoFzT8FEHmIWgyd2RGEUQV50h9Pd8mfy
	XrQGjpqCt9daWo2+vRuykMFo7LWDXElbrfSa8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=message-id:date:from:user-agent:mime-version:to:subject:references
	:in-reply-to:content-type:content-transfer-encoding;
	b=nroK4nQy2jp7PG2t2jPIruubkRUOdfDDSzHdAoomX+hTCw58fMXcg3BKxxfc8bJ2Jy
	x2Vnmq0UmuH2oeDBE3kMvsw29EgHx0St9X5A2m1c8UmkYHOgZUNBOWvLbdFWBVukMfYt
	K81jsIzCV01NC+11KOnlAnJy44rjTP0+Z2k64=
Received: by 10.86.13.37 with SMTP id 37mr2117260fgm.58.1254002860549;
	Sat, 26 Sep 2009 15:07:40 -0700 (PDT)
Received: from ?192.168.1.16? ([81.62.99.218])
	by mx.google.com with ESMTPS id e11sm2581423fga.16.2009.09.26.15.07.39
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Sat, 26 Sep 2009 15:07:40 -0700 (PDT)
Message-ID: <4ABE90AA.2010000@gmail.com>
Date: Sun, 27 Sep 2009 00:07:38 +0200
From: Vladimir 'phcoder' Serbinenko <phcoder@gmail.com>
User-Agent: Mozilla-Thunderbird 2.0.0.22 (X11/20090701)
MIME-Version: 1.0
To: The development of GRUB 2 <grub-devel@gnu.org>
References: <ad2655cb0909260128y1fe1902bm11dcdafebbba8906@mail.gmail.com>	<20090926085720.GV13423@riva.ucam.org>	<ad2655cb0909260207h8fc6da3tb23695d1ba39cad9@mail.gmail.com>	<4ABE2A10.2010302@gmail.com>
	<ad2655cb0909261457p1830bd0cq45b0ce1a62dd5730@mail.gmail.com>
In-Reply-To: <ad2655cb0909261457p1830bd0cq45b0ce1a62dd5730@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 2)
Subject: Re: Protection of boot sector and embedded area
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: The development of GRUB 2 <grub-devel@gnu.org>
List-Id: The development of GRUB 2 <grub-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Sep 2009 22:07:49 -0000

James Courtier-Dutton wrote:
> 2009/9/26 Vladimir 'phcoder' Serbinenko <phcoder@gmail.com>:
>   
>> It's generally a bad idea to chase grub out of MBR+embed area. It often
>> results in unreliable configurations. Could you detail your usecase so
>> we can seek for a bettere solution?
>>     
>
> The other thing sitting in the embedded area is a whole disc encryption product.
> It takes up about 60 sectors of the 64 sectors of the embedded area.
>   
I guess you speak about truecrypt. In this case the solution I would
recommend is to make grub load truecrypt's embedding area from a file on
the disk (it probably can be extracted from truecrypt w/o installing
booter). It's not a difficult task, just nobody did it yet (volunteers
are welcome).
Beware that truecrypt is distributed under a license which has legal
danger to the end user.
https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt
Of course it's your choice to use it or not but I would suggest to avoid
such software especially for the data you need to protect
> I don't think that there is a standard way of managing who has
> priority over the embedded area.
> I think it would be good if one could put grub into the beginning of a
> partition.
> The problem with this is that I don't know if there is room to put
> grub at the beginning of an ext3
>  or lvm partition. If it were possible, it would make grub much more
> compatible with Dual boot systems.
>
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> http://lists.gnu.org/mailman/listinfo/grub-devel
>
>