lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 9 Feb 2013 23:45:55 -0500
From:	Theodore Ts'o <tytso@....edu>
To:	Chris Murphy <lists@...orremedies.com>
Cc:	linux-ext4@...r.kernel.org
Subject: Re: GRUB and the risk of block list corruption in extX

On Sat, Feb 09, 2013 at 05:17:58PM -0700, Chris Murphy wrote:
> On the other hand…
> 
> > There are some folks who are proposing that we use a bootloader inode:
> > for grub's benefit. 
> 
> Who are requesting this? If not GRUB's devs, it would seem there are
> other developers who are also paranoid.

Well, it was one of the participants (or observers) of 

     https://bugzilla.redhat.com/show_bug.cgi?id=872826

He posted on the linux-ext4 list a week or so ago:

    http://comments.gmane.org/gmane.comp.file-systems.ext4/36637

> > But it's not something that has been terribly high priority, since
> > it's basically more of a security blanket for the grub2 developers
> > more than anything else….
> 
> It may be a security blanket for grub2 developers. However, it
> appears to me users want a security blanket also.

Well, a participant of on the redhat bugzilla inquired about it.

If someone wants to send me some patches, I'm happy to review them.  I
personally think it's not a great use of time, but that's the
wonderful thing about open source.  You can always send patches.  :-)

> Despite my bias against two bootloaders (I think it's ridiculous,
> but then I prefer 1/2 a boot loader), the question I have is if a
> blocklist is really needed to find and load the 2nd boot loader?
> Because needing a blocklist in the VBR implies the first boot loader
> doesn't understand ext(4). If true, before engineering file system
> changes, users need to upgrade their ancient primary boot loader.

It's been a long time since I really spent a lot of time studying
grub, but my understanding is that the first boot loader (which fits
in the MBR) is just too small to have room to understand the ext[234]
file system; you can't really do a lot in 492 bytes of x86
assembly.....  That's why it uses a block list instead.

But honestly, I really don't care a whole lot about the emotional
insecurity of the grub2 developers, and if distributions are worried
about their users being insecure, they can always comment out the
alarmist message in grub2.  Or they can send me patches.  :-)

	 	    	       	    	     - Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists