[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.



On Tue, Feb 01, 2000 at 10:55:48PM +0100, Thomas Quinot wrote:
> For example, at this academic site, we have a few dozen Debian stations
> that can be used by students freely during the day. As the labs are
> under constant video monitoring, we consider that users will not tamper
> with hardware (e.g. open a machine's case to short circuit the
> BIOS battery). Moreover, students do need access to floppy drives
> to take their own files home. For these reasons, the machines
> in these labs have fully operative floppy disk drives. In our situation,
> it is thus necessary to prevent users from /booting/ the machines from
> the floppy disks
What about the option of turning off booting from floppy in the BIOS and
password protect the BIOS Setup (no Password on booting the machine, only a
password if you wish to change the BIOS settings). Or are the machines old
enough that the BIOS isn't capable enough?

Nils

-- 
Plug-and-Play is really nice, unfortunately it only works 50% of the time.
To be specific the "Plug" almost always works.            --unknown source

Attachment: pgprvsfkIeGbX.pgp
Description: PGP signature


Reply to: