> Please stop this code bloat! Just the fact that people want (or
> even
> implement) some features doesn't mean that such code should
> become part of
> the official GNU GRUB.
Relax. I really have no interest in making anything official
or otherwise. I just wanted the functionality for my own use and
wanted to know whether it could be done.
> The console should be properly secured. The keyboard can be
> secured. The
> serial line can be secured. Ethernet is much harder to secure.
> There
> are often hundreds computers on the same segment.
I'm not quite sure I buy this security argument. We already
have netboot etc. which runs over ethernet. That works via an
initial broadcast on the network. How will displaying a console
over a preconfigured MAC address be any more insecure than that?
> Serious protocols like TCP/IP should be handled by serious
> OS'es, not by
> bootloaders.
I was not proposing that full TCP/IP be implemented in Grub.
We won't need it. As the previous reply said, maybe TFTP protocol
can be adopted for this purpose. Assuming that serial console
support is going to be provided in the future anyway, it seems
possible to provide the trasport over the network using TFTP
packets (maybe... Obviously, I don't know whether it can be done
for sure) instead of the serial line.
>The same applies to the encryption. We don't want
> more
> security holes in GNU programs. If other people want those
> holes it is
> their problem. It is also their responsibility to secure their
> networks.
> GNU GRUB, as it is released by FSF, should not (IMHO) ship with
> potential
> security holes, splash screens, startup sounds, embedded IPv6,
> kerberos
> and OpenGL support :-)
As I said, I don't care one way or the other about the official
status of this facility. I already pointed out the problems with
your security arguments. And considering the potential
enhancement in functionality and the tremendous convenience it
can offer to network administrators, I don't think it's fair to
compare this to things like splash screens and startup sounds.
Cheers
Chetan
__________________________________________________
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/
