Re: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
On Wednesday 2 February 2000, at 18 h 17, the keyboard of Daniel Burrows
> This thread was the first -- the *first* -- time that I even realized that the
> default Debian install didn't put LILO on the MBR but used the mbr package
This is certainly true of most Debian administrators. Ask yourself: "Where you
aware that *any* precaution you take, such as setting a BIOS password, locking
the box, or adding a password in LILO was useless?"
The reaction of Ben Collins reminded me Dan Bernstein when a flaw was
discovered in qmail: even if 99 % of the users of qmail did it the wrong way,
Bernstain always claimed that they should have read the documentation and do
otherwise than the default.
This is the sort of attitude I expect from *BSD, where every user is supposed
to be, like the Adam Smith consumer, perfectly knowledgeable about anything.
But this is not a proper attitude for Debian, whose purpose is to let users
spend less time with the setup of the system.