[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.

On Wed, Feb 02, 2000 at 12:09:46AM -0500, Joey Hess wrote:
> Thomas Quinot wrote:
> > Is there any documentation whatsoever that the Debian installation
> > sets up a MBR which allows any user to boot from a floppy, which is
> > contrary to the usual, standard behaviour of MBRs that have been
> > found on PC computers for the past 15 years?
> Have you considered that all PC's in the same time period have either booted
> from the floppy first by preference, or allowed you to configure the BIOS to
> so do?

Exactly. How can we consider it a bug in the OS, when it is the default of
the hardware to do the same thing. Granted we can document it, but I think
the behavior is expected of any default system that it is possible to boot
from floppy.

So this IS NOT a security issue, but merely a documentation issue.

/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`     bcollins@debian.org  --  bcollins@openldap.org  --  bmc@visi.net     '

Reply to: