Re: [POSSIBLE GRAVE SECURITY HOLD]

To: John Goerzen <jgoerzen@complete.org>
Cc: Pierre Beyssac <beyssac@enst.fr>, Samuel Tardieu <sam@debian.org>, Adam Di Carlo <adam@onshore.com>, "Huneycutt, Doug" <doug.huneycutt@lmco.com>, 56821@bugs.debian.org, pb@enst.fr, quinot@enst.fr, debian-devel@lists.debian.org
Subject: Re: [POSSIBLE GRAVE SECURITY HOLD]
From: Thomas Quinot <quinot@email.enst.fr>
Date: Thu, 3 Feb 2000 00:47:46 +0100
Message-id: <20000203004746.B2812@lantier.enst.fr>
Reply-to: quinot@infres.enst.fr
In-reply-to: <87ya93h467.fsf@erwin.complete.org>; from jgoerzen@complete.org on Wed, Feb 02, 2000 at 12:04:16PM -0600
References: <2000-02-02-11-38-12+trackit+sam@debian.org> <87vh47k3v1.fsf@erwin.complete.org> <20000202175255.E50448@enst.fr> <873drby1na.fsf@erwin.complete.org> <20000202181855.H50448@enst.fr> <87n1pjy0qs.fsf@erwin.complete.org> <20000202184944.K50448@enst.fr> <87ya93h467.fsf@erwin.complete.org>

Le 2000-02-02, John Goerzen écrivait :

> The purpose of this MBR is the same as that of any MBR.

No, John, this is untrue. No other MBR allows booting from a floppy disk.
 
> Which would mean that anybody without an MBR already on their system
> would not get a bootable machine.  Bad idea.

Spreading misinformation only makes you less credible. As was
mentioned extensively on this list and elsewhere, using
Debian's alternative MBR ius perfectly optional. LILO's first stage
loader can also be used in place of a traditional MBR.
 
> There is no bug.  The moment you start holding Debian responsible for
> administrators that do dumb thiings or refuse to read the
> documentation is the moment that common sense begins to evade your
> argument.  Alas, I fear that moment is already at hand.

Common sense commands people to read documentation that exists
and to ignore documentation that does not exist.

> I suggest that a far more reasonable solution, than installing no MBR,
> is to add a mention of the MBR to the Security-HOWTO, which already
> mentions things like padlocks and LILO.

What is the use of installing an MBR? Just because we have one is
no sufficient reason at all.

Thomas.

-- 
Thomas Quinot ** Département Informatique & Réseaux ** quinot@inf.enst.fr
              ENST   //   46 rue Barrault   //   75634 PARIS CEDEX 13

Reply to:

Follow-Ups:
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>

References:
- [POSSIBLE GRAVE SECURITY HOLD]
  - From: Samuel Tardieu <sam@debian.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>

Prev by Date: Re: [POSSIBLE GRAVE SECURITY HOLD]
Next by Date: Re: [POSSIBLE GRAVE SECURITY HOLD]
Previous by thread: Re: [POSSIBLE GRAVE SECURITY HOLD]
Next by thread: Re: [POSSIBLE GRAVE SECURITY HOLD]
Index(es):
- Date
- Thread