Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
- To: email@example.com
- Cc: Pierre Beyssac <firstname.lastname@example.org>, Samuel Tardieu <email@example.com>, Adam Di Carlo <firstname.lastname@example.org>, "Huneycutt, Doug" <email@example.com>, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com
- Subject: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
- From: John Goerzen <firstname.lastname@example.org>
- Date: 02 Feb 2000 17:56:26 -0600
- Message-id: <[🔎] email@example.com>
- Reply-to: John Goerzen <firstname.lastname@example.org>, email@example.com
- In-reply-to: Thomas Quinot's message of "Thu, 3 Feb 2000 00:47:46 +0100"
- References: <[🔎] firstname.lastname@example.org> <[🔎] email@example.com> <[🔎] 20000202175255.E50448@enst.fr> <[🔎] firstname.lastname@example.org> <[🔎] 20000202181855.H50448@enst.fr> <[🔎] email@example.com> <[🔎] 20000202184944.K50448@enst.fr> <[🔎] firstname.lastname@example.org> <[🔎] 20000203004746.B2812@lantier.enst.fr>
Thomas Quinot <email@example.com> writes:
> Le 2000-02-02, John Goerzen écrivait :
> > The purpose of this MBR is the same as that of any MBR.
> No, John, this is untrue. No other MBR allows booting from a floppy disk.
That's irrelevant. The purpose is the same: boot up an operating
system. That's a feature, not the purpose.
> > Which would mean that anybody without an MBR already on their system
> > would not get a bootable machine. Bad idea.
> Spreading misinformation only makes you less credible. As was
What misinformation? The above statement sounds perfectly reasonable.
> mentioned extensively on this list and elsewhere, using
> Debian's alternative MBR ius perfectly optional. LILO's first stage
> loader can also be used in place of a traditional MBR.
You have not paid attention to the discussion then, as using it has
some significant drawbacks vs. what you call a "traditional" MBR.
Specifically, you cannot modify the bootup settings from a non-Linux
OS, and it will cease functioning if anthing happens to the Linux
> Common sense commands people to read documentation that exists
> and to ignore documentation that does not exist.
Then by all means, please read the documentation that exists for mbr.
> > I suggest that a far more reasonable solution, than installing no MBR,
> > is to add a mention of the MBR to the Security-HOWTO, which already
> > mentions things like padlocks and LILO.
> What is the use of installing an MBR? Just because we have one is
> no sufficient reason at all.
Because the system WILL NOT BOOT without an MBR!
Didn't we just cover this above?