On 16/11/2016 19:10, [email protected] wrote: > Does this affect QubesOS? > > https://threatpost.com/cryptsetup-vulnerability-grants-root-shell-access-on-some-linux-systems/121963/ >
Looks like a fairly low priority to me. You can get initramfs shell in a Busybox and have access to /boot (on some systems) and see the encrypted drives. Some articles seemed to imply that you'd have access to the decrypted data (which isn't possible!). A good time to ask if Qubes encrypts /boot in it's LUKS setup. I've not checked myself. You'd get the same effect if you boot via GRUB to an initrd shell. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/72fa3b43-d246-c136-76b7-bbf214dd39cb%40gmsl.co.uk. For more options, visit https://groups.google.com/d/optout.
