Bug#56821: Important security hole: mbr allows anyone to boot from a floppy.
On Wed, Feb 02, 2000 at 12:09:46AM -0500, Joey Hess wrote:
> Thomas Quinot wrote:
> > Is there any documentation whatsoever that the Debian installation
> > sets up a MBR which allows any user to boot from a floppy, which is
> > contrary to the usual, standard behaviour of MBRs that have been
> > found on PC computers for the past 15 years?
>
> Have you considered that all PC's in the same time period have either booted
> from the floppy first by preference, or allowed you to configure the BIOS to
> so do?
Exactly. How can we consider it a bug in the OS, when it is the default of
the hardware to do the same thing. Granted we can document it, but I think
the behavior is expected of any default system that it is possible to boot
from floppy.
So this IS NOT a security issue, but merely a documentation issue.
--
-----------=======-=-======-=========-----------=====------------=-=------
/ Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \
` bcollins@debian.org -- bcollins@openldap.org -- bmc@visi.net '
`---=========------=======-------------=-=-----=-===-======-------=--=---'
Reply to: