From a2616e852ba1d861209f66ce4afc8728117a1acd Mon Sep 17 00:00:00 2001
From: Francis Rowe <info@gluglug.org.uk>
Date: Wed, 20 May 2015 05:25:31 -0400
Subject: docs/gnulinux/encrypted_*.html: Remove notes about --unrestricted

These instructions were dangerous. I was provided with them by a
user who found them, and I thought that it would be safe to allow
access to boot the HDD so long as the OS was encrypted. However,
this is not the point. With that option unrestricted, anyone with
physical access could replace the HDD with another LUKS-encrypted
one with the same set up (just a different system, different key,
different passphrase, etc) and now they are able to run their own
code on that laptop. This *is* dangerous. There is a lot that an
attacker can do to the laptop if they are able to boot an OS on it!

Basically, Francis Rowe was being foolish to add these instructions.
Now he's wised up a bit.
---
(limited to 'docs/gnulinux/encrypted_parabola.html')

diff --git a/docs/gnulinux/encrypted_parabola.html b/docs/gnulinux/encrypted_parabola.html
index e61f658..09e16d7 100644
--- a/docs/gnulinux/encrypted_parabola.html
+++ b/docs/gnulinux/encrypted_parabola.html
@@ -520,12 +520,6 @@
 	<pre><b><i>set superusers=&quot;root&quot;
 	password_pbkdf2 root grub.pbkdf2.sha512.10000.711F186347156BC105CD83A2ED7AF1EB971AA2B1EB2640172F34B0DEFFC97E654AF48E5F0C3B7622502B76458DA494270CC0EA6504411D676E6752FD1651E749.8DD11178EB8D1F633308FD8FCC64D0B243F949B9B99CCEADE2ECA11657A757D22025986B0FA116F1D5191E0A22677674C994EDBFADE62240E9D161688266A711
 	</i></b></pre>
-	
-			<p>
-				You can change the menuentry to say this:<br/>
-				menuentry 'Load Operating System' --unrestricted<br/>
-				This will allow booting that menuentry without a password, but not allow changing it (according to a user report).
-			</p>
 
 			<p>
 				Note that the above entry specifies user 'root'; this is just a username for GRUB. You don't even need to use root.
--
cgit v0.9.1