On 12/05/2013 04:20 PM, Jonathan McCune wrote:
> On Thu, Dec 5, 2013 at 10:10 AM, Colin Watson <cjwat...@ubuntu.com> wrote:
>
>> I think we should identify the call sites that really need restricted
>> permissions, explicitly lock them down, and open things back up for
>> everything else.
>
> I agree that this policy makes more sense.
fwiw, i agree with Jonathan and Colin that the default should be readable, and that we should only lock down specific files when we know that there is a need. i've argued for locking down the initramfs when it contains secret key material in http://bugs.debian.org/536195, so i'm aware that there are legitimate read-sensitivity concerns for some bootloader-available data. I'm really glad that the issue is taken seriously by the GRUB team. i just don't think files should be unreadable by default, because i prefer the ease of collaborative maintenance (as highlighted by Colin) and the general principle of system transparency for users where it does not present a security risk.

--dkg
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel