Hi,
I added a (master) password to syslinux.cfg:
# Config file for Syslinux -
# /boot/syslinux/syslinux.cfg
#
# Comboot modules:
# * menu.c32 - provides a text menu
# * vesamenu.c32 - provides a graphical menu
# * chain.c32 - chainload MBRs, partition boot sectors, Windows bootloaders
# * hdt.c32 - hardware detection tool
# * reboot.c32 - reboots the system
#
# To Use: Copy the respective files from /usr/lib/syslinux to /boot/syslinux.
# If /usr and /boot are on the same file system, symlink the files instead
# of copying them.
#
# If you do not use a menu, a 'boot:' prompt will be shown and the system
# will boot automatically after 5 seconds.
#
# Please review the wiki: https://wiki.archlinux.org/index.php/Syslinux
# The wiki provides further configuration examples
MENU MASTER PASSWD $1$........................
DEFAULT arch
PROMPT 0 # Set to 1 if you always want to display the boot: prompt
NOESCAPE 1
TIMEOUT 10
# You can create syslinux keymaps with the keytab-lilo tool
#KBDMAP de.ktl
# Menu Configuration
# Either menu.c32 or vesamenu32.c32 must be copied to /boot/syslinux
UI menu.c32
#UI vesamenu.c32
# Refer to http://syslinux.zytor.com/wiki/index.php/Doc/menu
MENU TITLE Arch Linux
#MENU BACKGROUND splash.png
MENU COLOR border 30;44 #40ffffff #a0000000 std
MENU COLOR title 1;36;44 #9033ccff #a0000000 std
MENU COLOR sel 7;37;40 #e0ffffff #20ffffff all
MENU COLOR unsel 37;44 #50ffffff #a0000000 std
MENU COLOR help 37;40 #c0ffffff #a0000000 std
MENU COLOR timeout_msg 37;40 #80ffffff #00000000 std
MENU COLOR timeout 1;37;40 #c0ffffff #00000000 std
MENU COLOR msg07 37;40 #90ffffff #a0000000 std
MENU COLOR tabmsg 31;40 #30ffffff #00000000 std
# boot sections follow
#
# TIP: If you want a 1024x768 framebuffer, add "vga=773" to your kernel line.
#
#-*
LABEL arch
MENU PASSWD
MENU LABEL Arch Linux
LINUX ../vmlinuz-linux
APPEND ................
INITRD ../initramfs-linux.img
LABEL archfallback
MENU PASSWD
MENU LABEL Arch Linux Fallback
LINUX ../vmlinuz-linux
APPEND .........................
INITRD ../initramfs-linux-fallback.img
#LABEL windows
# MENU LABEL Windows
# COM32 chain.c32
# APPEND hd0 1
LABEL hdt
MENU PASSWD
MENU LABEL HDT (Hardware Detection Tool)
COM32 hdt.c32
LABEL reboot
MENU LABEL Reboot
COM32 reboot.c32
LABEL poweroff
MENU LABEL Poweroff
COM32 poweroff.c32
Syslinux asks for a password when I hit ENTER to boot Arch Linux.
When I DON'T hit ENTER, syslinux boots Arch Linux automatically (here: after 1 second) without a password prompt.
Bug?
Besides:
I just noticed /boot/syslinux/syslinux.cfg is world-readable. Bad default security-wise regarding password hashes/plaintext!?
To answer your 1st question:
syslinux wiki wrote: The menu system honours the TIMEOUT command; if TIMEOUT is specified it will execute the ONTIMEOUT command if one exists, otherwise it will pick the default menu option. WARNING: the TIMEOUT action will bypass password protection even if one is set for the specified or default entry!
Google is your friend: http://www.syslinux.org/wiki/index.php? … t/menu.c32
As for the 2nd one: why is it a security problem? First, it is *you* (not syslinux or archlinux) who decides what is secure and what is not. If you store plaintext passwd in syslinux.cfg, then make it 400 root:root. The same happens with wpa_supplicant.conf, btw. Second, if you store hashes, then it is ok to have world-readable config...
Last edited by Leonid.I (2018-03-20 00:37:21)
Leonid.I wrote:
To answer your 1st question:
syslinux wiki wrote: The menu system honours the TIMEOUT command; if TIMEOUT is specified it will execute the ONTIMEOUT command if one exists, otherwise it will pick the default menu option. WARNING: the TIMEOUT action will bypass password protection even if one is set for the specified or default entry!
Google is your friend: http://www.syslinux.org/wiki/index.php? … t/menu.c32
Thanks!
That's the wiki I used, but I totally didn't see that paragraph.
Leonid.I wrote: As for the 2nd one: why is it a security problem? First, it is *you* (not syslinux or archlinux) who decides what is secure and what is not. If you store plaintext passwd in syslinux.cfg, then make it 400 root:root. The same happens with wpa_supplicant.conf, btw. Second, if you store hashes, then it is ok to have world-readable config...
Well, an admin might forget to withdraw the world-readable bit. I just thought it might be a good idea to remove the world-readable bit by default.
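A small audit for the two issues raised in this thread, as an added example that is not part of the original posts or of Syslinux: it flags a TIMEOUT that auto-boots a MENU PASSWD-protected entry, and a world-readable config that holds a password. The sample config is constructed; treating a leading `$` as "hashed" and the first word of ONTIMEOUT as a label are assumptions of this sketch.

```python
import stat

def audit_syslinux(cfg_text, mode=None):
    """Audit syslinux.cfg text; mode is the file's st_mode if known."""
    timeout, default, ontimeout, label = 0, None, None, None
    protected, secrets = set(), []
    for raw in cfg_text.splitlines():
        tok = raw.split()
        if not tok or tok[0].startswith("#"):
            continue
        key, args = tok[0].upper(), tok[1:]
        if key == "TIMEOUT" and args:
            timeout = int(args[0])          # unit is 1/10 s; 0 disables the timeout
        elif key == "DEFAULT" and args:
            default = args[0]
        elif key == "ONTIMEOUT" and args:
            ontimeout = args[0]             # assumption: first word names a label
        elif key == "LABEL" and args:
            label = args[0]
        elif key == "MENU" and args:
            sub = [a.upper() for a in args]
            if sub[:2] == ["MASTER", "PASSWD"]:
                secrets += args[2:3]
            elif sub[0] == "PASSWD":
                if label:
                    protected.add(label)    # entry prompts only on manual selection
                secrets += args[1:2]
    findings = []
    target = ontimeout or default           # what the TIMEOUT action will run
    if timeout > 0 and target in protected:
        findings.append("timeout-bypass:" + target)
    if mode is not None and secrets and mode & stat.S_IROTH:
        # Heuristic (assumption): values starting with "$" are hashes.
        plain = any(not s.startswith("$") for s in secrets)
        findings.append("world-readable-plaintext" if plain else "world-readable-hash")
    return findings

# Constructed sample mirroring the thread's setup (not the poster's real file).
WEAK = """\
MENU MASTER PASSWD $1$constructed-hash
DEFAULT arch
TIMEOUT 10
UI menu.c32
LABEL arch
MENU PASSWD
LINUX ../vmlinuz-linux
"""
HARDENED = WEAK.replace("TIMEOUT 10", "TIMEOUT 0")

if __name__ == "__main__":
    print(audit_syslinux(WEAK, 0o100644))      # weak: timeout set, mode 644
    print(audit_syslinux(HARDENED, 0o100400))  # hardened: no timeout, mode 400
```

On a real system, pass `os.stat("/boot/syslinux/syslinux.cfg").st_mode` as `mode`.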