[Bug 718670] Re: authorisation not applied to submenus

Mike Long 718670 at bugs.launchpad.net
Thu Apr 24 22:39:51 UTC 2014 

This guide to Grub2 password protection references the fix in post #11.

https://help.ubuntu.com/community/Grub2/Passwords#Superuser_.26_Password_Designation_.28Required.29

~~~~
set superusers="root"
export superusers
password_pbkdf2 root ...
~~~~

However, in their example, instead of placing "export superusers"
immediately after "set superusers", they place it after the
"password/password_pbkdf2" line.

set superusers="John"
password John foo
export superusers

I'm using the latter on Ubuntu 12.04.4 LTS x86_64 just because it's from
a more official source, but I'm thinking it might be better from a
security perspective to follow post #11 and export superusers
immediately after its been defined.

Can anyone provide any insight into what would be best practice here?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/718670

Title:
  authorisation not applied to submenus

Status in “grub2” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: grub2

  Using the password-function "pbkdf2" of grub2, two different solution
  depending on "sub-menu" is used (Previous Linux Versions) or not:

  Using the latest Kernel -> the name of the superuser and the password
  will be asked correctly!

  Starting the computer new and selecting the "submenu-function" you can
  use  the

   * edit-funtion as well as to "E-key"

   * cmdline-function "C-key"

  without any authorization!!

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: grub-common 1.99~rc1-2ubuntu1
  ProcVersionSignature: Ubuntu 2.6.38-3.30-generic 2.6.38-rc4
  Uname: Linux 2.6.38-3-generic x86_64
  Architecture: amd64
  Date: Mon Feb 14 12:18:49 2011
  ProcEnviron:
   LANGUAGE=de_DE:de:en_GB:en
   PATH=(custom, no user)
   LANG=de_DE.UTF-8
   LC_MESSAGES=de_DE.utf8
   SHELL=/bin/bash
  SourcePackage: grub2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/718670/+subscriptions

More information about the foundations-bugs mailing list