grub-devel.gnu.org archive mirror
From: lsorense@csclub.uwaterloo.ca (Lennart Sorensen)
To: The development of GNU GRUB <grub-devel@gnu.org>
Subject: Re: Guidance on conflicts between GNU GRUB and proprietary software
Date: Tue, 28 Sep 2010 10:57:55 -0400
Message-ID: <20100928145755.GS8579@caffeine.csclub.uwaterloo.ca>
In-Reply-To: <AANLkTi=FgqQcX9oyQu97T-TubGVNmfCyyq6pquyNP2sR@mail.gmail.com>

On Mon, Sep 27, 2010 at 11:44:10PM -0500, richardvoigt@gmail.com wrote:
> Is it a security hole if the Linux superuser can write to /dev/sda?  If you
> block this level of access, how's fdisk (or any number of other partition
> managers) supposed to do its job?  How's one supposed to install grub in the
> first place, if access to those blocks is forbidden by every OS?
> 
> We are talking about the owner of the machine, and software they choose to
> run.  An OS that prevented the owner from having full control over his own
> machine would be something to complain about, letting the owner write to his
> boot track is not.
> 
> If we think there's a real security hole here, like unprivileged
> applications able to overwrite grub code, I'll go advocate with Microsoft to
> have it fixed.  Until then I just agree that it's a tragedy that
> applications which aren't bootloaders or partition managers mess around in
> this area, but it shouldn't be up to the OS to decide which applications run
> by the superuser are specially privileged to manage partitions, and which
> aren't.

Given the majority of Windows users' skill level, it probably is a
security hole.  Asking for permission to do administrator work is one
thing.  Asking for permission to do raw disk access is quite another
(and Windows makes no distinction at all between the two).  After all,
installing shared files and services requires admin.  This should not
give the installer permission to do far more than that.

If Microsoft cared about their users they would not give out 'Windows
compatible' logos to anything that pulled off dirty tricks like writing
to track 0.  Of course that would never happen.

After all, this has already killed full drive encryption for some people,
and it is killing boot loaders for some people too.  It is obviously a
bad idea and should be stopped.  Microsoft could probably put a stop to
it, but I doubt they care.  Wouldn't want to offend Adobe or Autodesk
or some other big important Windows software provider.

> Yours truly,
> R Benjamin Voigt
> Microsoft Visual C++ MVP and Windows private beta tester
> 
> P.S. Does anyone know if the Linux versions of those same proprietary
> license managers abuse the boot track like their Windows behavior?

Based on what I have managed to find out about it, no, the Linux versions
don't do this.  Perhaps the developers figured Linux users were smarter
and knew how to spot stupid misuse of sectors on their disks and work
around it, so it wouldn't be effective anyhow.

-- 
Len Sorensen

