Grub2 hack

I tried the reported method but nothing happened. Has anyone duplicated it?

http://www.zdnet.com/article/how-to-hack-any-linux-machine-just-using-backspace/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61

Do you have a password on grub?. Not may actually do. It really does little to protect anything since there are many ways to boot if you have physical possession.

I haven’t tried to reproduce it, but the openSUSE package in Factory and Tumbleweed does contain a fix for this already:

So if you tried there, it’s obvious that you can’t reproduce it… :wink:

An update for 13.1 and 13.2 is on the way as well:

No idea about Leap though, but I suppose it will be fixed there too.

On Tue, 22 Dec 2015 12:56:04 +0000, wolfi323 wrote:

> ionmich;2744312 Wrote:
>> I tried the reported method but nothing happened. Has anyone duplicated
>> it?
>>
>> http://tinyurl.com/zlo757j
> I haven’t tried to reproduce it, but the openSUSE package in Factory and
> Tumbleweed does contain a fix for this already:
> http://tinyurl.com/qesl426 So if you tried there, it’s obvious that you
> can’t reproduce it… :wink:
>
> An update for 13.1 and 13.2 is on the way as well:
> http://tinyurl.com/o4zfmlt
>
> No idea about Leap though, but I suppose it will be fixed there too.

An update came out for Leap a couple days ago.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Yes, but that doesn’t contain this fix. At least it’s not mentioned in the changelog… :wink:

grub2 comes from SLE12, so the (probable) update isn’t being prepared in the public OBS.

On Tue, 22 Dec 2015 18:26:01 +0000, wolfi323 wrote:

> hendersj;2744412 Wrote:
>> An update came out for Leap a couple days ago.
>>
> Yes, but that doesn’t contain this fix. At least it’s not mentioned in
> the changelog… :wink:
>
> grub2 comes from SLE12, so the (probable) update isn’t being prepared in
> OBS.

Ah, I thought I saw something indicating that the update included that
fix.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

I tried it with and without a password. I was just curious to test the claim.