[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security problem with GRUB 0.91
From: |
Yoshinori K. Okuji |
Subject: |
Re: Security problem with GRUB 0.91 |
Date: |
Tue, 22 Jan 2002 08:17:15 +0900 |
User-agent: |
Wanderlust/2.6.0 (Twist And Shout) SEMI/1.14.3 (Ushinoya) FLIM/1.14.3 (Unebigoryoae) APEL/10.3 Emacs/20.7 (i686-pc-linux-gnu) MULE/4.0 (HANANOEN) |
At Mon, 21 Jan 2002 17:33:28 -0500,
Aaron D. Marasco <address@hidden> wrote:
> I am guessing this problem exists in other versions also. If I go to a
> password protected menu option, I can happily press 'e' and see the
> password if it is plaintext. Even worse, I can choose the password command
> line and then delete it ('d') and then boot ('b') without the password
> prompt ever coming up.
I don't think it is a problem. If you don't protect the menu interface
itself, you can always run whatever with the command-line
interface. So it doesn't make sense to protect only entries anyway. It
is something like you set passwords for ordinary users but not for
root.
Thanks,
Okuji