See https://github.com/a1ive/grub The developer has just added feature to disable using a grub2 variable:
export grub_disable_console=1 export grub_disable_edit=1 On Tue, 15 Sep 2020 at 01:55, Greg Silverman <[email protected]> wrote: > Is there any interest or ongoing activity in GRUB development to eliminate > the ability to edit the menu or enter the command shell? For security > reasons I would like to have that option. It would be more secure than > password protection. Even if the password is well protected, just deleting > the /boot/grub2/user.cfg file eliminates the protection. > > If the system does not boot from the OS disk we will be able to fix using > another boot media. > > Greg Silverman >
