James Courtier-Dutton wrote: > 2009/9/26 Vladimir 'phcoder' Serbinenko <phco...@gmail.com>: > >> James Courtier-Dutton wrote: >> >>> 2009/9/26 Vladimir 'phcoder' Serbinenko <phco...@gmail.com>: >>> >>> >>>> It's generally a bad idea to chase grub out of MBR+embed area. It often >>>> results in unreliable configurations. Could you detail your usecase so >>>> we can seek for a bettere solution? >>>> >>>> >>> The other thing sitting in the embedded area is a whole disc encryption >>> product. >>> It takes up about 60 sectors of the 64 sectors of the embedded area. >>> >>> >> I guess you speak about truecrypt. In this case the solution I would >> recommend is to make grub load truecrypt's embedding area from a file on >> the disk (it probably can be extracted from truecrypt w/o installing >> booter). It's not a difficult task, just nobody did it yet (volunteers >> are welcome). >> Beware that truecrypt is distributed under a license which has legal >> danger to the end user. >> https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt >> Of course it's your choice to use it or not but I would suggest to avoid >> such software especially for the data you need to protect >> > > It is not truecrypt. > I would argue that a "full disk encryption" product should be in the > boot sector/embedded area and everything else, even grub should load > after it. > > It has no benefit other than giving you a wrong impression of additional security (feel free to expose your arguments). Actually having grub before disk encryption is beneficial for configuration purposes (encryption program is only loaded when needed) > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > http://lists.gnu.org/mailman/listinfo/grub-devel > >
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
