Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
- To: Joseph Carter <knghtbrd@debian.org>
- Cc: Martijn van Oosterhout <kleptog@cupid.suninternet.com>, Samuel Tardieu <sam@debian.org>, Adam Di Carlo <adam@onshore.com>, "Huneycutt, Doug" <doug.huneycutt@lmco.com>, 56821@bugs.debian.org, pb@enst.fr, quinot@enst.fr, debian-devel@lists.debian.org
- Subject: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
- From: Ben Collins <bcollins@debian.org>
- Date: Wed, 2 Feb 2000 08:43:16 -0500
- Message-id: <[🔎] 20000202084316.F7238@visi.net>
- Reply-to: Ben Collins <bcollins@debian.org>, 56821@bugs.debian.org
- In-reply-to: <[🔎] 20000202045337.A10828@debian.org>; from knghtbrd@debian.org on Wed, Feb 02, 2000 at 04:53:37AM -0800
- References: <[🔎] 2000-02-02-11-38-12+trackit+sam@debian.org> <[🔎] 389823E6.37B56639@cupid.suninternet.com> <[🔎] 20000202045337.A10828@debian.org>
On Wed, Feb 02, 2000 at 04:53:37AM -0800, Joseph Carter wrote:
> On Wed, Feb 02, 2000 at 11:32:38PM +1100, Martijn van Oosterhout wrote:
> > Err, there is a mistake here somewhere. If you are getting 1FA at the
> > boot prompt then lilo is *NOT* in the MBR. If it were you would get the
> > lilo prompt.
>
> Why not? If I hold down the wrong key too soon in the boot process, I get
> a 3FA: prompt. I press enter and get lilo as normal.
>
> It's not a virus or a security concern. Similar prompts happen on similar
> machines lots. No two machines seem to have the same "strange" prompt.
In fact, sparc HARDWARE allows you to boot from tftp, floppy, CD, or any
harddrive. So am I to suppose that SPARC hardware is insecure by default
(for physical security)? Of course, and thus I would change it. Am I to
suppose that it should be made not to do that by default? No, because it
is setup to be easy to manage by default, and if I want better, I change
it. Same with the MBR.
Joseph, this is pointed at the argument, not at you :)
--
-----------=======-=-======-=========-----------=====------------=-=------
/ Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \
` bcollins@debian.org -- bcollins@openldap.org -- bmc@visi.net '
`---=========------=======-------------=-=-----=-===-======-------=--=---'
Reply to: