Bug#611624: Upgrading grub2 removes password items
Wolfgang Gruhn
libellus at online.de
Mon Jan 31 12:10:26 UTC 2011
Package: grub2
Severity: normal
-- System Information:
Debian Release: 6.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
When grub2 is upgraded - e.g. by apt-get upgrade - then all superuser, users and password items are removed from grub.cfg, so that the admin is forced to insert them again. At least a warning should be issued; otherwise this bug means a grave security problem.
More information about the Pkg-grub-devel
mailing list