Hello, Okuji!
On Mon, 7 Aug 2000, OKUJI Yoshinori wrote:
> I'm not sure, as I don't know what other software packages are doing
> with network console. One of the ways I can imagine is to add a
> `telnetd' service into GRUB so that you could connect to a GRUB
> machine from a remote host. Probably this requires a lot of work,
> because you need to implement a TCP/IP framework.
Please stop this code bloat! Just the fact that people want (or even
implement) some features doesn't mean that such code should become part of
the official GNU GRUB.
The console should be properly secured. The keyboard can be secured. The
serial line can be secured. Ethernet is much harder to secure. There
are often hundreds computers on the same segment.
Serious protocols like TCP/IP should be handled by serious OS'es, not by
bootloaders. The same applies to the encryption. We don't want more
security holes in GNU programs. If other people want those holes it is
their problem. It is also their responsibility to secure their networks.
GNU GRUB, as it is released by FSF, should not (IMHO) ship with potential
security holes, splash screens, startup sounds, embedded IPv6, kerberos
and OpenGL support :-)
> Another way is to create a special protocol for the purpose and
> implement a client program for the protocol. This shouldn't be very
> difficult (as, for example, you can modify the TFTP protocol a bit),
> but this wouldn't be very convenient, because you cannot use
> "ordinary" programs which exist in almost all operating systems (such
> as `telnet').
Since we already have tftp we could make GRUB request some files
containing commands over tftp and execute them. The client program would
prepare those instructions.
But I hope that fixing Linux zImage support will have higher priority.
Regards,
Pavel Roskin
