Re: [POSSIBLE GRAVE SECURITY HOLD]
Joey Hess wrote:
> Again, why should mbr be held to a different standard than lilo? You say
> it's undocumented, but see /usr/doc/mbr/README:
>
> The boot prompt looks something like this:
>
> 14FA:
>
> This is the list of valid keys which may be pressed. This means that
> partitions 1, and 4 can be booted, also the first floppy drive (F). The
> A means that 'advanced' mode may be entered, in which any partition may
> be booted.

If you REALLY need this feature disabled, just do this:

    install-mbr -e -f -e -a
    <Disable F and A>

-or this-

    install-mbr -i n
    <Disable prompt altogether>

-or even this-

    lilo -b /dev/hda
    <Put LILO into MBR>
    <You could also modify /etc/lilo.conf so boot=/dev/hda>

I recommend that this "bug" be in Security-HOWTO, which should be read by
_EVERYONE_ who wants a secure box. (Putting a message in the install
script for mbr doesn't help as it would zip by so fast). It is an
excellent default behaviour to allow F and A, though. Some people
may depend on it being there in an emergency.

Personally, I just have LILO on my MBR, and have a password-protected
floppy option. I plan to switch to GNU GRUB soon, though.