Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.

To: Joey Hess <joeyh@debian.org>
Cc: 56821@bugs.debian.org, Ben Collins <bcollins@debian.org>, pb@enst.fr, sam@infres.enst.fr
Subject: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
From: Thomas Quinot <thomas@cuivre.fr.eu.org>
Date: Wed, 2 Feb 2000 16:38:14 +0100
Message-id: <[🔎] 20000202163814.A4357@cuivre.fr.eu.org>
Reply-to: thomas@cuivre.fr.eu.org, 56821@bugs.debian.org
In-reply-to: <[🔎] 20000202000945.B852@kitenet.net>; from joeyh@debian.org on Wed, Feb 02, 2000 at 12:09:46AM -0500
References: <[🔎] 20000201182948.C5FD72AB3B@melchior.cuivre.fr.eu.org> <[🔎] 20000201141756.A7238@visi.net> <[🔎] 20000201225548.B29296@cuivre.fr.eu.org> <[🔎] 20000201204924.C7238@visi.net> <[🔎] 20000202030045.A31496@cuivre.fr.eu.org> <[🔎] 20000202000945.B852@kitenet.net>

Le 2000-02-02, Joey Hess écrivait :

> Have you considered that all PC's in the same time period have either booted
> from the floppy first by preference, or allowed you to configure the BIOS to
> so do?

Have /you/ considered that modern BIOSs also have been providing
the ability to (a) disable booting from a floppy and (b) protecting
configuration changes using a password?

Have you considered that, once such settings have been put in place,
it is a reasonable expectation that no piece of software will try
to outsmart you and boot from floppy anyway?

Thomas.

-- 
    Thomas.Quinot@Cuivre.FR.EU.ORG

Reply to:

References:
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Ben Collins <bcollins@debian.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Ben Collins <bcollins@debian.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Bug#56821: it's so simple... (was Re: [POSSIBLE GRAVE SECURITY HOLD])
Next by Date: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
Previous by thread: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Next by thread: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Index(es):
- Date
- Thread