Re: [POSSIBLE GRAVE SECURITY HOLD]
Pierre Beyssac <beyssac@enst.fr> writes:
> On Wed, Feb 02, 2000 at 12:04:16PM -0600, John Goerzen wrote:
> > The purpose of this MBR is the same as that of any MBR.
>
> Funny, you edited out my question about why _THIS_ MBR allows you
> to choose to boot from a floppy. Does the logical answer disturb
> you, perhaps?
No, it's irrelevant. It is not MBR that is making things insecure.
It's YOU (or the relevant admin).
> If I read the above correctly, you agree with me, then, that _THIS_
> MBR should be replaced with a regular, less-featured MBR.
I personally don't care as I run an Alpha :-)
However I think it is a very poor argument to remove something because
it has features that an inexperienced admin could misuse. Virtually
everything in the distro is like that.
> > Which would mean that anybody without an MBR already on their system
> > would not get a bootable machine. Bad idea.
>
> Either you can't read or you're trying to make me look like an idiot.
Nobody has yet mentioned a suitable alternative.
> No: that means Lilo's MBR would be installed instead by default.
> _That_ is the reasonnable choice. You implicitly admitted this
> at the top.
No, I didn't. The weakness of this is that you can only change the
partitions to boot from within Linux. If Linux is not bootable or
deleted, you're stuck. This is not acceptable.
--
John Goerzen Linux, Unix consulting & programming jgoerzen@complete.org |
Developer, Debian GNU/Linux (Free powerful OS upgrade) www.debian.org |
----------------------------------------------------------------------------+
The 464,750th digit of pi is 5.
Reply to: