Bug#713886: Cause discovered, but further steps hoped-for

Colin Watson cjwatson at debian.org
Mon Jun 24 20:26:33 UTC 2013


On Mon, Jun 24, 2013 at 06:45:20PM +0200, Hans Putter wrote:
> Indeed, this bug has been caused by the missing execution marks of
> all files in /etc/grub.d, as a test has proved.
> 
> Thanks for your hint!
> 
> To prevent further trouble, this should be documented in all the
> files which are connected with grub2.

That would be a pretty excessive number of files!  Besides, once we make
the change indicated in this bug's new title there should be no need for
additional documentation.

> Furthermore, all procedures which touch /boot/grub/grub.cfg should be
> obliged:
> 
> - to create a security copy of this file and to announce its name and
>   directory to the user;

This is *not* a security problem.  No vulnerability exists here; it was
a failed upgrade whose proximate cause was, I'm afraid, an
inadequately-tested local change of a kind that we didn't insure against
quite well enough.  It doesn't in general help to try to turn bugs into
security problems.

> - to ask the user in case of leaving grub.cfg empty, whether he wants
>   to continue. If he does not, grub.cfg must be restored with the
>   original content before the procedure goes to exit.

As I mentioned in an earlier message, and retitled this bug to that
effect, the correct fix here is to have grub-script-check return an
error when checking a file with no useful commands.  Once that is done,
everything will work as you request.

> I hope that the Debian developers and their security team agree to
> this demand

Perhaps this is just a language-barrier thing, but you may not be aware
that in English the word "demand" is very peremptory, and comes across
as rude; it's the sort of thing a government does to citizens who fail
to pay their taxes.  You may have meant "request".

Cheers,

-- 
Colin Watson                                       [cjwatson at debian.org]
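The failure and the proposed remedy, as an added POSIX shell illustration that is not part of this thread and not grub's own code: scripts in an /etc/grub.d-style directory that lack the execute bit are skipped by the generation loop, the resulting candidate config has no useful commands, and a pre-install check modelled on the grub-script-check change Colin proposes refuses it, leaving the existing grub.cfg untouched. Every path is created under a temporary directory and is constructed for the demonstration; the "no useful commands" test (no line that is neither blank nor a comment) is an assumed simplification of what grub-script-check actually parses.

```shell
#!/bin/sh
# Added illustration for Bug#713886; not grub's own code. Models the loop in
# grub-mkconfig, the missing-execute-bit failure, and a pre-install check in
# the spirit of the proposed grub-script-check change. All paths are created
# under a temporary directory; nothing here touches /boot or /etc.
set -eu

# Assumption: a config has "useful commands" if at least one line is neither
# blank nor a comment. The real grub-script-check parses the grub script
# language; this line test is a stand-in for that.
has_useful_commands() {
    grep -Eq '^[[:space:]]*[^[:space:]#]' "$1"
}

# Print regular files in a grub.d-style directory that lack the execute bit.
# grub-mkconfig silently skips such scripts, which is how the empty grub.cfg
# in this bug came about.
find_nonexecutable_scripts() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        [ -x "$f" ] || printf '%s\n' "$f"
    done
}

# Mimic grub-mkconfig: run each executable script in sort order and
# concatenate its output to form the candidate configuration.
generate_cfg() {
    for f in "$1"/*; do
        [ -f "$f" ] && [ -x "$f" ] || continue
        "$f"
    done
}

# Replace $2 with candidate $1 only if the candidate passes the check.
# On failure the existing file is left untouched and the function returns 1,
# which is the behaviour the bug asks for once grub-script-check errors out.
install_cfg_if_valid() {
    candidate=$1 target=$2
    if has_useful_commands "$candidate"; then
        mv -- "$candidate" "$target"
        return 0
    fi
    echo "refusing to install $target: candidate has no useful commands" >&2
    rm -f -- "$candidate"
    return 1
}

# Constructed demonstration: two scripts without execute bits, then with them.
demo() {
    work=$(mktemp -d)
    mkdir "$work/grub.d"
    printf '#!/bin/sh\necho "set timeout=5"\n' > "$work/grub.d/00_header"
    printf '#!/bin/sh\necho "menuentry Linux { linux /vmlinuz }"\n' \
        > "$work/grub.d/10_linux"
    printf 'set default=0\n' > "$work/grub.cfg"     # pre-existing good config

    echo "scripts lacking +x:"; find_nonexecutable_scripts "$work/grub.d"
    generate_cfg "$work/grub.d" > "$work/grub.cfg.new"
    if install_cfg_if_valid "$work/grub.cfg.new" "$work/grub.cfg"; then
        echo "installed (unexpected)"
    else
        echo "kept old grub.cfg: $(cat "$work/grub.cfg")"
    fi

    chmod +x "$work/grub.d"/*
    generate_cfg "$work/grub.d" > "$work/grub.cfg.new"
    install_cfg_if_valid "$work/grub.cfg.new" "$work/grub.cfg"
    echo "new grub.cfg:"; cat "$work/grub.cfg"
    rm -rf -- "$work"
}

demo
```

Run it as a normal user; it never writes outside the mktemp directory. The point of the shape is the one Colin makes: once the check itself fails on an empty candidate, the existing file is simply never overwritten, so no separate "security copy" step is needed.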



More information about the Pkg-grub-devel mailing list