[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.

On Tue, Feb 01, 2000 at 10:55:48PM +0100, Thomas Quinot wrote:
> For example, at this academic site, we have a few dozen Debian stations
> that can be used by students freely during the day. As the labs are
> under constant video monitoring, we consider that users will not tamper
> with hardware (e.g. open a machine's case to short circuit the
> BIOS battery).

Thomas has summarized our configuration quite well.

On the topic of hardware tampering, I'd like to add that the machine
cases are physically protected with a lock and antitheft cable so
that they _cannot_ be opened (at least not in an easy way).

So essentially the user has access to a keyboard and screen and a
floppy disk drive, nothing more, but they still can tamper with
the system configuration by using this feature of the MBR we were
previously unaware of to boot a floppy disk of their own.

We have removed this MBR so this hole is plugged; the problem is
that it's part of the default Debian installation without any
warning about its possibly harmful consequences.
Pierre Beyssac		pb@enst.fr

Reply to: