To fix this bug use the attachment.
If mainteiners want to fix this bug they should replace string "crypttries=3"
to "crypttries=0" in /usr/share/initramfs-tools/scripts/local-top/cryptroot.
But may be better to deny access to shell in panic() function in
/usr/share/initramfs-tools/scripts/funct
Access to keyboard on booting system is not physical access. System may
have protected GRUB and firmware. Attacker may got priveleged shell
without physical access and damage data, firmware, or add keyloger into
/boot.
** Description changed:
You should have root filesystem encrypted by LUKS. S
There are any number of ways to get a privileged shell from a system
when physically present at booting. The important part is that your data
is still encrypted without the keys.
Thanks
** Changed in: initramfs-tools (Ubuntu)
Status: New => Invalid
--
You received this bug notification b
** Information type changed from Private Security to Public
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs
4 matches
Mail list logo