On Tue, 8 Aug 2000, Pavel Roskin <[EMAIL PROTECTED]> wrote:
> Hello, Daniel!
>
>> > GNU GRUB, as it is released by FSF, should not (IMHO) ship with
>> > potential security holes,
>>
>> Can you identify the specific security holes you fear will be exposed
>> by the addition of encrypted image support to GRUB? I fully intend to
>> document the feature, including the warnings that simply having
>> encryption does not magically make it a 'secure' system...
>
> Even after documenting this feature remains confusing. Since you need
> this feature you probably know what it is for, but I'm afraid that
> many other people will consider this as useless bloat.
Well, confusing I agree with. Bloat, I don't, but that's academic, I
think. I do intend to have it (like diskless boot and network support)
compiled /out/ by default.
> I haven't read the documentation you are going to write, but it is
> very important to explain possible dangers. Possible scenario:
Amongst others. I do intend to explain that, basically, the security
depends on protecting the key, and how you might do that. Plus
references to good basic security texts for those who don't know it.
[...]
>> > kerberos and OpenGL support :-)
>>
>> These are probably not needed, though. ;)
>
> Nice to see that you agree with me on this point.
*grin* I think what we have here is a failure to see the same thing
when we look at GRUB.
Personally, I look at it and see something that could well count as a
PROM console or a real firmware support system of the i386 architecture.
You, I suspect (and not without some justification in your view), look
at it as a boot loader.
The two things do very different jobs, and so what is 'bloat' and what
is 'useful' are hard to define. Worse, we will probably never quite
agree about what they are.
I do feel strongly that adding insecure things to the code is a bad
idea, though. Especially as I am counting on it, to some degree, as part
of a security architecture. :)
Daniel
--
If you do what you should not, you must bear what you would not.
-- Ben Franklin
