Re: [POSSIBLE GRAVE SECURITY HOLD]

To: quinot@infres.enst.fr
Cc: Pierre Beyssac <beyssac@enst.fr>, Samuel Tardieu <sam@debian.org>, Adam Di Carlo <adam@onshore.com>, "Huneycutt, Doug" <doug.huneycutt@lmco.com>, 56821@bugs.debian.org, pb@enst.fr, quinot@enst.fr, debian-devel@lists.debian.org
Subject: Re: [POSSIBLE GRAVE SECURITY HOLD]
From: John Goerzen <jgoerzen@complete.org>
Date: 02 Feb 2000 17:56:26 -0600
Message-id: <87zotji2fp.fsf@erwin.complete.org>
In-reply-to: Thomas Quinot's message of "Thu, 3 Feb 2000 00:47:46 +0100"
References: <2000-02-02-11-38-12+trackit+sam@debian.org> <87vh47k3v1.fsf@erwin.complete.org> <20000202175255.E50448@enst.fr> <873drby1na.fsf@erwin.complete.org> <20000202181855.H50448@enst.fr> <87n1pjy0qs.fsf@erwin.complete.org> <20000202184944.K50448@enst.fr> <87ya93h467.fsf@erwin.complete.org> <20000203004746.B2812@lantier.enst.fr>

Thomas Quinot <quinot@email.enst.fr> writes:

> Le 2000-02-02, John Goerzen écrivait :
> 
> > The purpose of this MBR is the same as that of any MBR.
> 
> No, John, this is untrue. No other MBR allows booting from a floppy disk.

That's irrelevant.  The purpose is the same: boot up an operating
system.  That's a feature, not the purpose.

> > Which would mean that anybody without an MBR already on their system
> > would not get a bootable machine.  Bad idea.
> 
> Spreading misinformation only makes you less credible. As was

What misinformation?  The above statement sounds perfectly reasonable.

> mentioned extensively on this list and elsewhere, using
> Debian's alternative MBR ius perfectly optional. LILO's first stage
> loader can also be used in place of a traditional MBR.

You have not paid attention to the discussion then, as using it has
some significant drawbacks vs. what you call a "traditional" MBR.
Specifically, you cannot modify the bootup settings from a non-Linux
OS, and it will cease functioning if anthing happens to the Linux
partition.

> Common sense commands people to read documentation that exists
> and to ignore documentation that does not exist.

Then by all means, please read the documentation that exists for mbr.

> > I suggest that a far more reasonable solution, than installing no MBR,
> > is to add a mention of the MBR to the Security-HOWTO, which already
> > mentions things like padlocks and LILO.
> 
> What is the use of installing an MBR? Just because we have one is
> no sufficient reason at all.

Because the system WILL NOT BOOT without an MBR!

Didn't we just cover this above?

Reply to:

Follow-Ups:
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Thomas Quinot <quinot@email.enst.fr>

References:
- [POSSIBLE GRAVE SECURITY HOLD]
  - From: Samuel Tardieu <sam@debian.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Thomas Quinot <quinot@email.enst.fr>

Prev by Date: How can I persuade my boss using pgsql?
Next by Date: Re: [POSSIBLE GRAVE SECURITY HOLD]
Previous by thread: Re: [POSSIBLE GRAVE SECURITY HOLD]
Next by thread: Re: [POSSIBLE GRAVE SECURITY HOLD]
Index(es):
- Date
- Thread