mirror of
https://src.fedoraproject.org/rpms/grub2.git
synced 2024-11-28 15:46:53 +00:00
bf8e18bc1d
- Fix security issue when reading username and password Related: CVE-2015-8370 - Do a better job of handling GRUB2_PASSWORD Related: rhbz#1284370 Signed-off-by: Peter Jones <pjones@redhat.com>
44 lines
1.3 KiB
Diff
44 lines
1.3 KiB
Diff
From e5e933f4fd449301fc1856db31ef1167b4867cd1 Mon Sep 17 00:00:00 2001
|
|
From: Peter Jones <pjones@redhat.com>
|
|
Date: Fri, 4 Dec 2015 09:28:38 -0500
|
|
Subject: [PATCH 76/76] 01_users: Handle GRUB_PASSWORD better.
|
|
|
|
Only handle GRUB2_PASSWORD not GRUB_PASSWORD.
|
|
|
|
Related: rhbz#1284370
|
|
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
---
|
|
util/grub-setpassword.8 | 2 +-
|
|
util/grub.d/01_users.in | 2 +-
|
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/util/grub-setpassword.8 b/util/grub-setpassword.8
|
|
index 5973abe..49200a8 100644
|
|
--- a/util/grub-setpassword.8
|
|
+++ b/util/grub-setpassword.8
|
|
@@ -9,7 +9,7 @@
|
|
\fBgrub-setpassword\fR outputs the user.cfg file which contains the hashed GRUB bootloader password. This utility only supports configurations where there is a single root user.
|
|
|
|
The file has the format:
|
|
-GRUB_2PASSWORD=<\fIhashed password\fR>.
|
|
+GRUB2_PASSWORD=<\fIhashed password\fR>.
|
|
|
|
.SH OPTIONS
|
|
.TP
|
|
diff --git a/util/grub.d/01_users.in b/util/grub.d/01_users.in
|
|
index facd409..db2f44b 100644
|
|
--- a/util/grub.d/01_users.in
|
|
+++ b/util/grub.d/01_users.in
|
|
@@ -2,7 +2,7 @@
|
|
cat << EOF
|
|
if [ -f \${prefix}/user.cfg ]; then
|
|
source \${prefix}/user.cfg
|
|
- if [ -n \${GRUB2_PASSWORD} ]; then
|
|
+ if [ -n "\${GRUB2_PASSWORD}" ]; then
|
|
set superusers="root"
|
|
export superusers
|
|
password_pbkdf2 root \${GRUB2_PASSWORD}
|
|
--
|
|
2.5.0
|
|
|