Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
On Wed, Feb 02, 2000 at 03:00:46AM +0100, Thomas Quinot wrote:
> Le 2000-02-02, Ben Collins écrivait :
>
> > Then the problem does not exist. I was pointing "lazy" to not checking
> > that it was setup properly,
>
> Is there any documentation whatsoever that the Debian installation
> sets up a MBR which allows any user to boot from a floppy, which is
> contrary to the usual, standard behaviour of MBRs that have been
> found on PC computers for the past 15 years?
>
> Furthermore, I believe providing an insecure system by default, and
> leaving it up on administrators to guess the system's subtely non-standard
> behaviours and fix them is not considered common practice (nor
> good practice) within Debian.
Then we should disable inetd from the get go and let the admin figure out
how to start it up too.
--
-----------=======-=-======-=========-----------=====------------=-=------
/ Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \
` bcollins@debian.org -- bcollins@openldap.org -- bmc@visi.net '
`---=========------=======-------------=-=-----=-===-======-------=--=---'
Reply to: