Never tried it myself but there is a password command within Grub.
Straight off the Grub-0.97 Manual
Quote:
13.2.10 password
— Command: password [--md5] passwd [new-config-file]
If used in the first section of a menu file, disable all interactive editing control (menu entry editor and command-line) and entries protected by the command lock. If the password passwd is entered, it loads the new-config-file as a new config file and restarts the GRUB Stage 2, if new-config-file is specified. Otherwise, GRUB will just unlock the privileged instructions. You can also use this command in the script section, in which case it will ask for the password, before continuing. The option --md5 tells GRUB that passwd is encrypted with md5crypt (see md5crypt).
|
I ran into Grub4Dos that uses it as a way to prevent others to alter the Grub menu. Without the password one can alter the booting entries on-the-fly.
It should possible to nest a set of Grub menus so that a user must submit a password before he/she can progress to the next level of booting pre-determined alternatives.