From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.71)
	id 1U7qpL-0005DS-NA
	for mharc-grub-devel@gnu.org; Tue, 19 Feb 2013 12:17:59 -0500
Received: from eggs.gnu.org ([208.118.235.92]:34370)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <martin.wilck@ts.fujitsu.com>) id 1U7qpG-0005Ce-07
	for grub-devel@gnu.org; Tue, 19 Feb 2013 12:17:58 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <martin.wilck@ts.fujitsu.com>) id 1U7qpC-0007u1-AH
	for grub-devel@gnu.org; Tue, 19 Feb 2013 12:17:53 -0500
Received: from dgate10.ts.fujitsu.com ([80.70.172.49]:6075)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <martin.wilck@ts.fujitsu.com>) id 1U7qpB-0007tH-Sm
	for grub-devel@gnu.org; Tue, 19 Feb 2013 12:17:50 -0500
DomainKey-Signature: s=s1536a; d=ts.fujitsu.com; c=nofws; q=dns;
	h=X-SBRSScore:X-IronPort-AV:Received:X-IronPort-AV:
	Received:Message-ID:Date:From:Organization:User-Agent:
	MIME-Version:To:Subject:References:In-Reply-To:
	X-Enigmail-Version:Content-Type:Content-Transfer-Encoding;
	b=WGIpzVlYY8fPjdHx6t1BZhMib/26evcbX7szP8S0lJfzLah68WDv4Woq
	9BFM8tQ3upMAfZFNzt+0gxM2vOy7ISxPbtAV5gRiJZsnbPOudKgIO3Uj4
	PJ0fVh4d8KbK50LGfVHGCFUBsYmQ5RPgRm5MCpR66vSTegVbJpO8mpa4a
	YiUWwT8dl7W2QfeDH+5Erv71dV9Mf/mNJLWNa0V9/jDmbWDVmDLadXqq7
	DY1T3YVgQwnC/I1IWPYyMyY/sOuPm;
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
	d=ts.fujitsu.com; i=@ts.fujitsu.com; q=dns/txt;
	s=s1536b; t=1361294269; x=1392830269;
	h=message-id:date:from:mime-version:to:subject:references:
	in-reply-to:content-transfer-encoding;
	bh=SWjAB7jMepNid5P3tvqU8jGUMBSxHJ7a2PAYwot7JKE=;
	b=M9r66vrr24DAxvjgJbwoJ5b2emkxiyaHmcb/vyDvdprI1RLb7G0/dZLj
	wFBbhxwmMZw+VLpWos4hCmbPMMC110ZPhFwyK/GJd3zKy0SYusnfWzZER
	DXbmA1I0bwdyrKm9vjdTvb8NauZIqbT21ldDMnsVOorCuXadhw89oEilE
	J5c6/OV7aOKO7A04MB5C2Z6ZZB72/qMpZBs4DXzkDABwhEb/wtTFrzSUa
	f52H2B+RzrbSYQ8iwSW1lR1EPvvqY;
X-SBRSScore: None
X-IronPort-AV: E=Sophos;i="4.84,696,1355094000"; d="scan'208";a="137413173"
Received: from unknown (HELO abgdgate60u.abg.fsc.net) ([172.25.138.90])
	by dgate10u.abg.fsc.net with ESMTP; 19 Feb 2013 18:17:46 +0100
X-IronPort-AV: E=Sophos;i="4.84,696,1355094000"; d="scan'208";a="55031256"
Received: from unknown (HELO cooper.psw.pdbps.fsc.net) ([172.25.253.64])
	by abgdgate60u.abg.fsc.net with ESMTP; 19 Feb 2013 18:17:46 +0100
Message-ID: <5123B3BA.3060702@ts.fujitsu.com>
Date: Tue, 19 Feb 2013 18:17:46 +0100
From: Martin Wilck <martin.wilck@ts.fujitsu.com>
Organization: Fujitsu Technology Solutions
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:17.0) Gecko/20130110 Thunderbird/17.0.2
MIME-Version: 1.0
To: grub-devel@gnu.org
Subject: Re: GRUB and the risk of block list corruption in extX
References: <51138645.4050405@ts.fujitsu.com>
	<CAEaD8JPvEzCy=msDCzezzAn25Nc-n6cLfSTU2Jao1z2MS3UbmA@mail.gmail.com>
	<51153345.2020509@ts.fujitsu.com>
	<0088990F-66E5-4F51-A9C4-3BD8963A6DA0@colorremedies.com>
	<512261FE.2090604@ts.fujitsu.com>
	<E2C68865-294D-47A5-846A-0C7CBDFBA9E5@colorremedies.com>
	<512347F2.4070901@gmail.com> <512376DB.6000908@ts.fujitsu.com>
	<51239EC2.5040203@gmail.com>
In-Reply-To: <51239EC2.5040203@gmail.com>
X-Enigmail-Version: 1.5.0
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 80.70.172.49
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: The development of GNU GRUB <grub-devel@gnu.org>
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Feb 2013 17:17:58 -0000

>> Am I understanding correctly that the user mistake you describe must be
>> some manipulation of "core.img" itself (e.g. running grub2-mkimage but
>> now grub2-setup, which would classify as "mistake" in a blocklist setup)?
> 
> Yes. Such kind of mistakes. Or deleting GRUB and restoring it from backup.

I agree that this is a serious scenario that everybody using block lists
should be wary about.

But I am not fully convinced that it justfies the strong warning
grub2-setup emits, let alone the conclusions the Fedora team drew from
it. After all, this scenario requires the user to make a serious mistake
as root, and we all know that this can have all kinds of really bad
consequences.

AFAICS, for extX/Linux at least, there is no risk scenario that doesn't
involve this kind of serious user mistake.

Martin

-- 
Dr. Martin Wilck
PRIMERGY System Software Engineer
x86 Server Engineering

FUJITSU
Fujitsu Technology Solutions GmbH
Heinz-Nixdorf-Ring 1
33106 Paderborn, Germany
Phone:			++49 5251 525 2796
Fax:			++49 5251 525 2820
Email:			martin.wilck@ts.fujitsu.com
Internet:		http://ts.fujitsu.com
Company Details:	http://ts.fujitsu.com/imprint