Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.

To: Ben Collins <bcollins@debian.org>
Cc: 56821@bugs.debian.org, pb@enst.fr, sam@infres.enst.fr
Subject: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
From: Thomas Quinot <thomas@cuivre.fr.eu.org>
Date: Wed, 2 Feb 2000 03:00:46 +0100
Message-id: <[🔎] 20000202030045.A31496@cuivre.fr.eu.org>
Reply-to: thomas@cuivre.fr.eu.org, 56821@bugs.debian.org
In-reply-to: <[🔎] 20000201204924.C7238@visi.net>; from bcollins@debian.org on Tue, Feb 01, 2000 at 08:49:24PM -0500
References: <[🔎] 20000201182948.C5FD72AB3B@melchior.cuivre.fr.eu.org> <[🔎] 20000201141756.A7238@visi.net> <[🔎] 20000201225548.B29296@cuivre.fr.eu.org> <[🔎] 20000201204924.C7238@visi.net>

Le 2000-02-02, Ben Collins écrivait :

> Then the problem does not exist. I was pointing "lazy" to not checking
> that it was setup properly,

Is there any documentation whatsoever that the Debian installation
sets up a MBR which allows any user to boot from a floppy, which is
contrary to the usual, standard behaviour of MBRs that have been
found on PC computers for the past 15 years?

Furthermore, I believe providing an insecure system by default, and
leaving it up on administrators to guess the system's subtely non-standard
behaviours and fix them is not considered common practice (nor
good practice) within Debian.

Thomas.

-- 
    Thomas.Quinot@Cuivre.FR.EU.ORG

Reply to:

Follow-Ups:
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Ben Collins <bcollins@debian.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Randolph Chung <tausq@debian.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Joey Hess <joeyh@debian.org>

References:
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Ben Collins <bcollins@debian.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Thomas Quinot <thomas@cuivre.fr.eu.org>
- Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
  - From: Ben Collins <bcollins@debian.org>

Prev by Date: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Next by Date: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Previous by thread: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Next by thread: Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
Index(es):
- Date
- Thread