mirror of
https://github.com/webmin/webmin.git
synced 2026-06-05 04:40:24 +01:00
523d68c67a
Adds a Webmin GRUB 2 module for inspecting boot entries, editing defaults, custom entries, themes, password protection, BLS-aware kernel options, safe menu regeneration, boot loader installation, manual config editing, status reporting, ACLs, backups, logging, and tests.
16 lines
938 B
HTML
16 lines
938 B
HTML
<header>Current protection</header>
|
|
<p>GRUB password protection adds a GRUB superuser account to the generated boot
|
|
menu. GRUB asks for this password when someone tries to use the GRUB command
|
|
line or edit boot menu entries. Depending on how menu entries are generated, it
|
|
may also be required to boot entries that are not marked as unrestricted.</p>
|
|
|
|
<p>This is useful on kiosks, lab systems, shared consoles, and other systems
|
|
where an untrusted person may reach the boot menu. It helps stop simple boot
|
|
menu attacks such as editing kernel parameters, starting a GRUB shell, or
|
|
booting an unrestricted recovery entry.</p>
|
|
|
|
<p>It does not protect against someone who can change firmware boot settings,
|
|
boot from other media, remove the disk, modify an unencrypted boot partition, or
|
|
log in as root. Use it with firmware security, Secure Boot, encrypted storage,
|
|
and normal operating system access controls when those threats matter.</p>
|