Am Sonntag, den 06.09.2009, 14:38 +0100 schrieb Colin Watson: > On Sun, Sep 06, 2009 at 02:29:03PM +0200, Felix Zielcke wrote: > > Currently grub-mkconfig uses chmod 444 on the newly generated grub.cfg > > Wouldn't it be better to use 400 now that we have plaintext password > > support? > > Or should we add support for a GRUB_CHMOD variable so users can override > > this setting as they please? > > I'd prefer to see this done only if they set a password. A GRUB_CHMOD > variable seems overkill, though.
> > Else I'd need to add a /etc/grub.d/999_chmod file in grub-installer > > which changes the mode of grub.cfg.new if the user wants to have a > > password. > > I think it'd be more sensible to do this in grub-mkconfig itself - it > doesn't really fit well into the /etc/grub.d/ hook system, which is > really just for generating output. You mean we check with grep if there's a password line in the generated config and then just use chmod 400 instead of 444? Sounds good. -- Felix Zielcke Proud Debian Maintainer _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
