On Sun, Feb 10, 2008 at 03:00:31PM -0500, Isaac Dupree wrote:
Robert Millan wrote:
On Sun, Feb 10, 2008 at 01:00:50PM -0500, Isaac Dupree wrote:
anyway if a hash is used that takes (by design) around one second on the
machine (e.g. sha256 repeated thousands? millions? of times), then I
suppose the time taken to erase the memory used by GRUB would be trivial
in comparison, assuming(rightly or wrongly) a good implementation...
The problem is not time, it's just to find the right way to do it.
yeah. probably involves thinking about GRUB's allocation and
deallocation mechanisms, which I don't know anything about and don't
have time to investigate :-/
This should address your concern. As to why I propose to put this in unset
command rather than kernel, since GRUB itself doesn't have any mechanisms
where a variable would contain sensible information, I think it's better to
protect user variables only.