[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [POSSIBLE GRAVE SECURITY HOLD]

On Wed, Feb 02, 2000 at 06:16:01PM -0500, Michael Stone wrote:
> Let's be specific--you demonstrated some marginal situations for which
> mbr should be availble. You have yet to show why it should be the
> default.

Actually, what we want for the general case is exactly the solution which
deals with marginal cases as well as the default case.  The fact that
mbr deals with disks larger than 8Gig alone recommends it as the default.

As far as security goes, access to *any* boot prompt -- not just MBR's --
is sufficient to compromise a system which can be rebooted.  I believe
John already gave several examples of this.

Or are you claiming that any need for access to the boot prompt on
a debian system is marginal situation, and that it makes documenting
and using our system easier if we deny users access to boot prompts,
and booting from partitions which are larger than 8Gig.

[No one should ever need more than 8 gig?]

-- 
Raul
Reply to: