On 19.02.2013 13:58, Martin Wilck wrote:

> Vladimir,
> 
> thanks for your thoughtful answer. I understand your concerns better now.
> 
> On 02/19/2013 10:37 AM, Vladimir 'φ-coder/phcoder' Serbinenko wrote:
> 
>> Suppose blocklist changes because of e.g. user mistake. Yet at the old
>> location there is still the old core.img. For the time being. So this
>> problem may go unnoticed for years yet if someone has the ability to
>> create new files on the disk in question, he creates ton of files with
>> copies of malicious sector, one of them will overwrite core and be
>> executed on next reboot.
> 
> Am I understanding correctly that the user mistake you describe must be
> some manipulation of "core.img" itself (e.g. running grub2-mkimage but
> now grub2-setup, which would classify as "mistake" in a blocklist setup)?

Yes. Such kind of mistakes. Or deleting GRUB and restoring it from backup.

> 
> Martin
>