http://bugzilla.opensuse.org/show_bug.cgi?id=1137064
http://bugzilla.opensuse.org/show_bug.cgi?id=1137064#c5
Josef Reidinger
Hi Josef, thanks for clarifying. I just want to stress out three points:
1. I never edited /etc/defaults/grub, so there must have been some uderlying bug in the past ... but this is not the issue here
2. I am having some 25 years development experience in an area where software bugs are not really acceptable. So, my quality expectations might be on the upper end. But your bug caused me to search for several hours for a solution ... Appending parameters to an existing configuration without checking what is already there never has been a good implementation decision (what about conflicting paramter?)
kernel does not have conflicting params beside "noresume" which is handled now. Others should be simple overwritten, like if there is "quite verbose quite" then the last one wins. But I agree we need to address this issue and solution should be to remove duplicite params. ( so if there is e.g. "quite verbose quite" reduce it to "verbose quite" where we keep always just last param )
3. Why does grub just die and is not eving giving a timeout? Sounds pretty much like a good buffer overflow! Anyone looking for a nice scenario for a not so easy to find code injection attack vector? (Exactly that is the reason why I set the severity to major)
Question for michal. Can you comment grub behavior here? Or maybe it does not die and simply kernel die when it gets those params? -- You are receiving this mail because: You are on the CC list for the bug.