>> by a Windows application. Thanks for any information. Should the lockdown >> for NTFS remain, is it here to stay indefinitely? > >We did a lot of work to improve the NTFS code but still we are not sure >it is fully correct. If somebody will do full NTFS code analysis and >properly fix all (potential) problems then I think we could consider >removing this filesystem from lockdown. I will attempt to do a full NTFS code analysis for correctness (from the point of view of avoiding vulnerabilities - not necessarily ensuring full compliance to the NTFS specification). I plan to exclude NTFS compression from this analysis as I assume it's not the majority of use cases, but let me know if that's not the case. I'll share any fixes / findings once I complete this in an attempt to get NTFS allowed in lockdown.
Thanks, Andrew On Thu, Feb 20, 2025 at 10:44 AM Daniel Kiper <dki...@net-space.pl> wrote: > > Hi Petr, > > On Wed, Feb 19, 2025 at 09:15:50AM +0100, Petr Řehák wrote: > > Hello, > > > > why is there a lockdown for the NTFS file system, please? Is it vulnerable > > as well when no CVE exists for it? We are developers of computer-aided > > assistive technology for blind and visually impaired Windows users and this > > will prevent our GRUB to communicate with Windows, supplying necessary > > information through the Environment Block on a NTFS volume which can be read > > Why could not you store environment block on ESP? > > > by a Windows application. Thanks for any information. Should the lockdown > > for NTFS remain, is it here to stay indefinitely? > > We did a lot of work to improve the NTFS code but still we are not sure > it is fully correct. If somebody will do full NTFS code analysis and > properly fix all (potential) problems then I think we could consider > removing this filesystem from lockdown. > > Daniel > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
