[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.

Pierre Beyssac wrote:
> So essntially the user has access to a keyboard and screen and a
> floppy disk drive, nothing more, but they still can tamper with
> the system configuration by using this feature of the MBR we were
> previously unaware of to boot a floppy disk of their own.
> We have removed this MBR so this hole is plugged; the problem is
> that it's part of the default Debian installation without any
> warning about its possibly harmful consequences.

I hope you have password protected your bios, and lilo too, or you're still

see shy jo, in New York

Reply to: