grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 7/7] verifiers: Verify after decompression

From: Ross Lagerwall
Subject: Re: [PATCH 7/7] verifiers: Verify after decompression
Date: Thu, 28 Mar 2024 14:55:20 +0000 
On Fri, Mar 15, 2024 at 7:26 AM Vladimir 'phcoder' Serbinenko
<phcoder@gmail.com> wrote:
>
> Verifying after decompression is a bad security practice. It relies on 
> decompression having no security holes. Given how complex decompression is, 
> this is almost guaranteed to be false.
>

Point taken... I'll drop this patch as it is not essential to the goal
of booting Secure Booting Xen via GRUB.

Thanks,
Ross
reply via email to
[Prev in Thread] Current Thread [Next in Thread]