URL: <https://savannah.gnu.org/bugs/?62380>
Summary: New special environment variable to control default menu security Project: GNU GRUB Submitted by: stallion Submitted on: Thu 28 Apr 2022 01:17:52 PM UTC Category: Security Severity: Major Priority: 5 - Normal Item Group: Feature Request Status: None Privacy: Public Assigned to: None Originator Name: Steven Stallion Originator Email: sstall...@gmail.com Open/Closed: Open Release: Release: Git master Discussion Lock: Any Reproducibility: Every Time Planned Release: None _______________________________________________________ Details: When enabling secure boot, it can be a pain to track down all uses of menuentry and submenu to change security flags (eg. defaulting to --unrestricted). I'd like to propose a new special environment variable named `menu_security', which defines a default that is applied to a configuration if a security flag is not specified on an entry. I think this would simplify configuration substantially, especially for files other than 10_linux that do not have a CLASS variable defined. I have a little bit of time this week - I'll try to put together a candidate patch to see what folks think. _______________________________________________________ Reply to this item at: <https://savannah.gnu.org/bugs/?62380> _______________________________________________ Message sent via Savannah https://savannah.gnu.org/