The last stage is much simpler. Just put /boot/ in an encrypted filesystem (we
have a patch lying around which is pending to merge).
Yes, that would also be an idea.
Then the filesystem needs the authentication.
Encrypted filesystems don't prevent some attacks such as inconsistent
rollback. Suppose that some program is written like
    if (!authenticated)
        return error;
Let's say this is in sector X on disk. But then the author added something
before this function and this code is shifted to sector X+1. However, the
attacker has kept the previous sector X+1. Then he rewrites sector
X+1 with its previous version and bypasses the authentication. It's a
difficult attack but is still possible. Actually MAC checksumming or
signatures are a better way to protect the system. Encrypting mainly
protects from someone looking at data but isn't so good at
detecting/protecting from modification. And normally you have no reason
to hide your Linux system partition. Additionally hashes are faster than
encryption.
That only leaves MBR and core.img. You can either check both from firmware
(does any BIOS allow this?) or do some funny gimmicks in MBR ;-)
There might be some boot virus protections that could be abused. Or otherwise -
coreboot.
Yes. My BIOS has boot virus protection but I haven't tested yet how it works.
--
Regards
Vladimir 'phcoder' Serbinenko
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel
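The sector-rollback argument above (encryption alone lets a stale but validly encrypted sector slip past, while a MAC over the image catches it), as an added example in Python that is not part of the thread or of GRUB: the "disk image", sector contents and keys are constructed, and the sector-indexed SHA-256 keystream is a toy stand-in for a real disk cipher mode.

```python
import hashlib
import hmac

# Constructed toy "disk image" of 16-byte sectors (not real GRUB or kernel
# code); the authentication check sits in sector 1 of the old build.
OLD_IMAGE = [b"boot: load kern ", b"if !auth: fail  ", b"run: main loop  "]
# The author inserts code before the check, which shifts it to sector 2.
NEW_IMAGE = [b"boot: load kern ", b"init: new code  ",
             b"if !auth: fail  ", b"run: main loop  "]

def keystream(key, index, length):
    # Toy sector-indexed keystream standing in for a disk cipher mode: it
    # hides content but, like any encryption-only scheme, has no integrity.
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + index.to_bytes(8, "big")
                              + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def encrypt_image(key, sectors):
    return [bytes(a ^ b for a, b in zip(s, keystream(key, i, len(s))))
            for i, s in enumerate(sectors)]

decrypt_image = encrypt_image  # XOR keystream: decryption is the same op

def mac_image(key, sectors):
    # One HMAC over every sector with its index: a stale copy of any sector
    # changes the tag even though it decrypts to valid-looking code.
    h = hmac.new(key, digestmod="sha256")
    for i, s in enumerate(sectors):
        h.update(i.to_bytes(8, "big") + s)
    return h.digest()

def verify_image(key, sectors, tag):
    return hmac.compare_digest(mac_image(key, sectors), tag)

def rollback_demo(enc_key=b"constructed-enc-key", mac_key=b"constructed-mac-key"):
    old = encrypt_image(enc_key, OLD_IMAGE)
    new = encrypt_image(enc_key, NEW_IMAGE)
    tag = mac_image(mac_key, new)
    # Sector 2 of the new layout gets its pre-update ciphertext back (the
    # rollback the thread describes); it still decrypts under the same key.
    stale = list(new)
    stale[2] = old[2]
    plain = decrypt_image(enc_key, stale)
    return {"decrypted_sector_2": plain[2],            # old "run" code
            "check_present": b"auth" in b"".join(plain),
            "untampered_verifies": verify_image(mac_key, new, tag),
            "rollback_detected": not verify_image(mac_key, stale, tag)}
```

The decrypt step raises nothing and yields plausible code with the check gone, which is why verification has to come from the MAC (or a signature over the image) rather than from decryption succeeding.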