
Grub vulnerability?

Posted: Dec 18th, '15, 10:52
by oldbiddie
I read that pressing backspace 28 times when booting allowed entry to the system without a password. The article was in Spanish (not my language) so perhaps I misunderstood. Can anyone comment? TIA

Re: Grub vulnerability?

Posted: Dec 18th, '15, 11:13
by filip
This issue has the reference CVE-2015-8370 and will soon have a fix. In that bug report there are also some more informative links.

Re: Grub vulnerability?

Posted: Dec 18th, '15, 14:26
by oldbiddie
Thank you

Re: Grub vulnerability?

Posted: Dec 23rd, '15, 15:07
by wintpe
This bug, as I read it, only applies if you are using a grub 2 password.

So if you are not, then you are also not impacted by this; in other words, it has no knock-on effect.

So the press coverage it has received blows the issue out of proportion, that is, unless you are relying on that grub2 password to lock your machine down.

Regards, peter

Re: Grub vulnerability?

Posted: Dec 23rd, '15, 18:17
by doktor5000
wintpe wrote: This bug as i read it only applies if you are using a grub 2 password.
[...]
so the press coverage it has received, blows the issue out of proportion

Totally agree, it was way overhyped.

As it requires typical access to the machine, there are a gazillion other ways to work around the bootloader password if that is your "protection".

Re: Grub vulnerability?

Posted: Dec 29th, '15, 17:46
by jiml8
I have been traveling in Panama, and I only learned about this "vulnerability" after I returned yesterday.

I saw an article in ZDNet with the breathless headline: "how to hack any linux machine". I read the article, said: "it won't work at all on my machines" and "whatthehell is this about...unintended way in but not particularly a threat to any machine that is properly secured."

Way over-hyped. Must indicate how secure Linux really is, that such a "vulnerability" gets such attention. Now...shellshock was a real serious problem. The OpenSSL issues are serious issues. But this???? Pfff.