Description of Problem:
The installer does not set a GRUB password to protect unauthorized
users from accessing command-line mode. This is a problem because
arbitrary files on the filesystem can be viewed from GRUB's command
line with the 'cat' command. This doesn't just expose /etc/shadow,
this exposes files that may contain clear-text passwords (example:
Steps to Reproduce:
Given: System using GRUB as a bootloader, no password set, and
/ is on /dev/hda2 (hd0,1). /etc/shadow is standing in for
some arbitrary file.
Boot the system, type <c> to get to the grub> prompt.
grub> cat (hd0,1)/etc/shadow
/etc/shadow is displayed
Setting a GRUB password still allows users to boot any
predefined title entries without the password; it only
locks out menu-editing and CLI mode.
Users should be given the option at install time to set a
GRUB password. GRUB supports standard MD5 passwords. I
see some possible ways to fix this here:
* A check box to set the GRUB password to the install-time
root password, in the installer's bootloader selection
* A text box in the bootloader selection screen to allow
users to set an arbitrary GRUB password at install time.
We'll look at addressing this before beta 2.
You now have the option to set a grub password in gui, tui, and kickstart