Re: [POSSIBLE GRAVE SECURITY HOLD]
- To: Adam Di Carlo <email@example.com>, Samuel Tardieu <firstname.lastname@example.org>
- Cc: Martijn van Oosterhout <email@example.com>, "Huneycutt, Doug" <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org
- Subject: Re: [POSSIBLE GRAVE SECURITY HOLD]
- From: Pierre Beyssac <email@example.com>
- Date: Wed, 2 Feb 2000 18:11:24 +0100
- Message-id: <20000202181124.G50448@enst.fr>
- In-reply-to: <200002021658.KAA22451@cafe.onshore.com>; from Adam Di Carlo on Wed, Feb 02, 2000 at 10:58:48AM -0600
- References: <firstname.lastname@example.org> <200002021658.KAA22451@cafe.onshore.com>
On Wed, Feb 02, 2000 at 10:58:48AM -0600, Adam Di Carlo wrote:
> Geeze, dude, relax. Boot-floppies 2.2.6, will invoke 'install-mbr -e
> -F' which disables floppy booting from mbr. I personally worry a bit
> about that but we'll see what problems it causes. 2.2.6 should be
> uploaded pretty soon.
As said later, disabling "F" is not enough. You can still boot
(using "A" then a numeric key) then select another partition from
the hard disk. The problem is only slightly different. Once again
Lilo configuration is bypassed.
I can't understand why everyone insists on keeping this MBR since
its "features" serve strictly _NO_ useful purpose other than
bypassing Lilo and BIOS security, so the argument that removing it
would impair the system's ease of use is totally flawed.
We all agree that there can be no "absolute" security, especially
when people have physical access to the machine. However I fail to
see how that's an excuse to keep a security hole that big.
Pierre Beyssac email@example.com