What is the security risk with os-prober when using GRUB to dual boot? (lemmy.world)

submitted 1 year ago by Infernal_pizza@lemmy.world to c/archlinux@lemmy.ml

2 comments fedilink hide all child comments

Apparently os-prober is a security risk but tbh I don't really understand the issue. I've read its something to do with mounting all partitions as root, but you have to run grub-mkconfig as root anyway so I don't see how that could be used to gain root privileges? Does it not unmount them afterwards? And could you avoid the risk by just disabling it again after you've generated your grub.cfg?

The other option seems to be manually adding a Windows entry to /etc/grub.d/40_custom so I assume thats the recommended way to dual boot?

top 2 comments

sorted by: hot top controversial new old

[-] housepanther@lemmy.goblackcat.com 2 points 1 year ago

I don't have any hard data but I don't see that as a real security risk.

[-] mark3748@geddit.social 2 points 1 year ago

It’s, as you said, because it mounts everything as root. It’s possible that this could be exploited to gain root privileges but not likely. If you’re paranoid and/or building a secure system that you don’t need to dual boot, it’s not a bad idea to disable it.

this post was submitted on 17 Jul 2023

11 points (100.0% liked)

Arch Linux

7173 readers

5 users here now

The beloved lightweight distro

founded 4 years ago

MODERATORS

k_o_t@lemmy.ml