Re: [POSSIBLE GRAVE SECURITY HOLD]
Thomas Quinot wrote:
> And here is the problem:
> The MBR used by Debian by default allows any user to boot from
> floppy. No other PC MBR does that.
Again, why should mbr be held to a different standard than lilo? You say
it's undocumented, but see /usr/doc/mbr/README:
The boot prompt looks something like this:
14FA:
This is the list of valid keys which may be pressed. This means that
partitions 1, and 4 can be booted, also the first floppy drive (F). The
A means that 'advanced' mode may be entered, in which any partition may
be booted.
--
see shy jo
Reply to: