If the code that does the authentication is loaded from the encrypted partition,
without being checked, this is true, but we assume, that core.img is already
loaded (and checked), so the authentication code is not on the encrypted
partition, and can detect any tampering.
As far as I understood Robert Millan was suggesting that just encrypting
(but not verifying) your kernel is enough. I wanted to show wha it isn't
--
Regards
Vladimir 'phcoder' Serbinenko
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel
