On Fri, 19 Aug 2022, 21:05, Dimitri John Ledkov <
dimitri.led...@canonical.com> wrote:

> There is no need for that code on any signed grubs or upstream. Ports that
> want to support this patch can have it conditionally compiled / enabled
> only on that arch, but not others.
>
> For example, in Ubuntu we already use separate builds for signed &
> unsigned bootloaders. Or one may keep grub-2.06 as separate source package.
> It's not like those old platforms need any new features in the bootloader
> ever again.
>
> The issue of insecure code is for signed bootloaders. Because there is a
> separate level of protection that prevents replacing arbitrary bootloaders
> (whilst potentially allowing downgrade/upgrade attacks). Thus a responsible
> upstream should drop this code.
>

This kind of consideration was taken into account when designing the security
system and even when GRUB2 itself was designed. The solution is a module
whitelist. There are many modules that can be dropped from a signed build, not
just filesystems but also commands or loaders. There is no need to cut old
systems from new grub if existing infrastructure can handle it.



> On Fri, 19 Aug 2022, 20:39 John Paul Adrian Glaubitz, <
> glaub...@physik.fu-berlin.de> wrote:
>
>> On 8/19/22 20:09, Steve McIntyre wrote:
>> > On Fri, Aug 19, 2022 at 04:03:38PM +0200, John Paul Adrian Glaubitz
>> wrote:
>> >>> On Aug 19, 2022, at 3:59 PM, Daniel Kiper <dki...@net-space.pl>
>> wrote:
>> >>>
>> >>> If I do not hear any major objections in the following weeks I will
>> >>> merge this patch or a variant of it in the second half of September.
>> >>
>> >> We’re still formatting our /boot partitions for Debian PowerPC for
>> >> PowerMacs using HFS, so this change would be a breaking change for
>> >> us.
>> >>
>> >> So, that would be a no from Debian’s side.
>> >
>> > Not so fast please, Adrian. At the risk of sounding harsh, non-release
>> > old ports like powerpc *really* don't get to dictate things in Debian
>> > terms.
>>
>> Add "Ports" to this.
>>
>> > As Daniel Axtens has been finding out, the HFS code is terrible in
>> > terms of security. If you still need it for old/semi-dead machines,
>> > maybe you should fork an older grub release and stay with that?
>>
>> I don't know what should be the deal with the security of a boot loader
>> to be honest. If someone has access to your hardware so they can control
>> your bootloader, you have much worse problems anyway.
>>
>> Forking is also a terrible idea as every forked package means having to
>> track it manually.
>>
>> Adrian
>>
>> --
>>   .''`.  John Paul Adrian Glaubitz
>> : :' :  Debian Developer
>> `. `'   Physicist
>>    `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
>>
>>
>> _______________________________________________
>> Grub-devel mailing list
>> Grub-devel@gnu.org
>> https://lists.gnu.org/mailman/listinfo/grub-devel
>>