咦，我搜索了一圈，没人讨论么？

http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html

Description

A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). And so, the attacker may take control of the computer.

只有实体操作才能触发漏洞.
自己的主机都是上 windows 的,只有远程的 vps 才是 linux...然而并没有什么卵用

这里有多少人会给 grub 加密码……