Hello,
Actually, i’m working on a usable FOS client working on Secure Boot, based on signed Clonezilla Linux kernel.
(with GRUB-signed + shim for PXE chainloading)
In a attempt of make a wrapper for GRUB (like bootmenu.class.php), i discovered in bootmenu.class.php :
Everybody on the network where FOG Server is connected (even if the server is connected on Internet) can
- Delete a host
- Update a product key
- Join a multicast session
- Approve a host (which can lead to an AD credential leak)
The only prerequisites are to known the mac address of a computer present in the FOG Database.
In the commit proposed, it changes the behavior of how iPXE handles the user and password throughout multiples #iPXE scripts, and ensures at all times an action is authenticated, event if the command is “internal” (delconf/sessname/key/aprvconf)
Theses lines ensures username and password parameters to be kept in RAM during the iPXE phase && re-transmitted (if defined):
'param username ${username}',
'param password ${password}',
PS : I’m sorry @Sebastian-Roth for my (very) late reply.