Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.

To: thomas@cuivre.fr.eu.org, 56821@bugs.debian.org
Cc: Ben Collins <bcollins@debian.org>, pb@enst.fr, sam@infres.enst.fr
Subject: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
From: Randolph Chung <tausq@debian.org>
Date: Tue, 1 Feb 2000 20:25:03 -0700
Message-id: <[🔎] 20000201202503.L22865@tausq.org>
Reply-to: Randolph Chung <tausq@debian.org>, 56821@bugs.debian.org
In-reply-to: <[🔎] 20000202030045.A31496@cuivre.fr.eu.org>; from thomas@cuivre.fr.eu.org on Wed, Feb 02, 2000 at 03:00:46AM +0100
References: <[🔎] 20000201182948.C5FD72AB3B@melchior.cuivre.fr.eu.org> <[🔎] 20000201141756.A7238@visi.net> <[🔎] 20000201225548.B29296@cuivre.fr.eu.org> <[🔎] 20000201204924.C7238@visi.net> <[🔎] 20000202030045.A31496@cuivre.fr.eu.org>

> Furthermore, I believe providing an insecure system by default, and
> leaving it up on administrators to guess the system's subtely non-standard
> behaviours and fix them is not considered common practice (nor
> good practice) within Debian.

instead of you all starting another flamewar^H^H^H^H^H^H^H^H^Hdiscussion, we
are going to try to install the mbr with the floppy option turned off....
(install-mbr --enable -F)

Please understand that the boot floppies team is for the most part extremely
under-staffed; we don't know everything, and depend and really rely on
constructive bug reports and solutions.

This bug will be closed with the next boot floppies upload. If you have
other constructive concerns/suggestions, please let us know.

randolph
-- 
Debian Developer <tausq@debian.org>
http://www.TauSq.org/

Reply to:

Follow-Ups:
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Pierre Beyssac <beyssac@enst.fr>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@debian.org>

References:
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Ben Collins <bcollins@debian.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Ben Collins <bcollins@debian.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>

Prev by Date: Bug#48866: Time-Zone still wrong
Next by Date: Re: dbootstrap hangs when flavor is not specified
Previous by thread: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Next by thread: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Index(es):
- Date
- Thread