Why 28-backspace Vulnerability is not so Serious?

There have been news being circulated around regarding 28-backspace vulnerability of a Linux bootloader, Grub2.

Why this is not a serious problem? Because relying your security on bootloader is utterly stupid to begin with. If someone has a physical access to your machine, that means, they can easily bypass limitations set by a boot loader. It is a very simple feat to create a thumbdrive with a bootloader without such authentication in place, whether this vulnerability exists or not. Therefore, the existence of this vulnerability does not provide any difference from a security standpoint.

To protect a system with this type of issues, you’ll have to take steps like:

  • Limit physical access to the device.
  • Encrypt root partition

If only thing this protection on this Grub2 feature provides, that’s an illusion of security, maybe we are better off without this feature. (If someone’s so concerned about giving access to rescue shell so easily, in casual operation, then remove a rescue shell from Grub2 installation. If system administrator ever needs one, just boot from external media with rescue shell access.)