"Disable secure boot" workflow is broken
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dkms (Ubuntu) |
Fix Released
|
Critical
|
Mathieu Trudel-Lapierre | ||
Xenial |
Fix Released
|
Critical
|
Mathieu Trudel-Lapierre | ||
grub2 (Ubuntu) |
Fix Released
|
Critical
|
Mathieu Trudel-Lapierre | ||
Xenial |
Fix Released
|
Critical
|
Mathieu Trudel-Lapierre |
Bug Description
I upgraded to grub2 2.02~beta2-
Installing for x86_64-efi platform.
Installation finished. No error reported.
password should be 8~16 characters
password should be 8~16 characters
password should be 8~16 characters
Abort
Looking at the code:
There are a few problems here:
* You *must* use echo "$RET" rather than echo $RET; the password could contain metacharacters. In general you should always surround any $-expansion in a shell script with "" unless you specifically know that you're in one of the special cases where you need to not do so.
* This is a /bin/bash script for historical reasons. echo "${RET}\n${RET}" is non-portable syntax and only works in shells such as dash with the other style of echo. You should use this instead: printf '%s\n%s\n' "$RET" "$RET"
* While you're here, it seems to me that a password confirmation page would be a good idea, given that you obviously can't see what you're typing.
dkms would be affected the same way, they both use the same code.
I will fix today.