Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
Thomas Quinot <firstname.lastname@example.org> writes:
> Le 2000-02-02, John Goerzen écrivait :
> > The purpose of this MBR is the same as that of any MBR.
> No, John, this is untrue. No other MBR allows booting from a floppy disk.
That's irrelevant. The purpose is the same: boot up an operating
system. That's a feature, not the purpose.
> > Which would mean that anybody without an MBR already on their system
> > would not get a bootable machine. Bad idea.
> Spreading misinformation only makes you less credible. As was
What misinformation? The above statement sounds perfectly reasonable.
> mentioned extensively on this list and elsewhere, using
> Debian's alternative MBR ius perfectly optional. LILO's first stage
> loader can also be used in place of a traditional MBR.
You have not paid attention to the discussion then, as using it has
some significant drawbacks vs. what you call a "traditional" MBR.
Specifically, you cannot modify the bootup settings from a non-Linux
OS, and it will cease functioning if anthing happens to the Linux
> Common sense commands people to read documentation that exists
> and to ignore documentation that does not exist.
Then by all means, please read the documentation that exists for mbr.
> > I suggest that a far more reasonable solution, than installing no MBR,
> > is to add a mention of the MBR to the Security-HOWTO, which already
> > mentions things like padlocks and LILO.
> What is the use of installing an MBR? Just because we have one is
> no sufficient reason at all.
Because the system WILL NOT BOOT without an MBR!
Didn't we just cover this above?