Bug#677537: please secure access to grub.cfg with password* information
Sergey B Kirpichev
skirpichev at gmail.com
Thu Jun 14 16:42:01 UTC 2012
Package: grub-common
Version: 1.98+20100804-14+squeeze1
Tags: patch security
Severity: minor
grub.cfg with password_pbkdf2 is still readable for anyone. It's not
too bad to restrict file access in this case too (for now,
debian/patches/grub.cfg_400.patch does it only if this file has
"password" directive).
Sid's version affected too.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: grub-mkconfig.patch
Type: text/x-diff
Size: 373 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-grub-devel/attachments/20120614/519bbaa6/attachment.patch>
More information about the Pkg-grub-devel
mailing list