On Wed, Sep 03, 2008 at 08:49:14PM +0300, Vesa Jääskeläinen wrote: > > Possibilites are there, but basically they are limited to something like: > > (ata0) (pci-X-Y-Z:ata0) (usb-X-Y:scsi0) (pci-X-Y-Z:scsi0)
I think this is overkill, and doesn't really address the root of the problem. The real security problem here is whether the executable code you're loading is trusted, NOT where you load the code from. When you use crypto checksums, if you get a match why would you care if you're loading from (some-safe-disk) or from (evil-place)? It's the same data! -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all." _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
