|
From: | Jonathan McCune |
Subject: | Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce |
Date: | Fri, 6 Sep 2013 14:10:01 -0700 |
В Fri, 6 Sep 2013 09:18:50 -0700
Jon McCune <address@hidden> пишет:
What is the use case? load_env is called exactly once at the beginning
> This works by adding an open_envblk_file_untrusted() method that bypasses
> signature checking, but only if the invocation of load_env includes a
> whitelist of one or more environment variables that are to be read from the
> file.
of configfile processing. At this point file still has valid signature
assuming grub-editenv (or some other tool) computed one. When do you
need to load environment more than once?
[Prev in Thread] | Current Thread | [Next in Thread] |