
Re: [POSSIBLE GRAVE SECURITY HOLD]



On Wed, Feb 02, 2000 at 11:26:19AM -0600, John Goerzen wrote:
> > I'd like to know what your answer to the following questions is:
> > 
> > 	- what is the purpose, in terms of system usability, of
> > 	  this MBR, other than bypassing BIOS and Lilo controls,
> > 	  which hardly qualifies by my book?
> 
> Uhmm, is this not inherently obvious?  If you don't want LILO in the
> MBR, then you have to have SOMETHING there to boot the box.  Not
> everyone had DOS on the machine previously.

I think you understood my question perfectly, because I tend to
assume that since you make fun of other people's typos you must
certainly read English quite correctly. I was talking about _THIS_
MBR, not A MBR.

Let me restate: what purpose, in terms of system usability, do the
keyboard-controlled floppy (or any other partition) boot functions
of _this_ MBR serve, that the BIOS or Lilo cannot accomplish?

I obviously agree that you need a MBR. Why, of all the MBRs in the
world, is this dangerous MBR installed instead of Lilo's MBR or
any other secure MBR?

> > 	  NOT EXPLICITLY DOCUMENTING that behaviour in the install
> > 	  process?
> 
> It is documented. As I already acknowledged, perhaps a help button in
> dinstall would be useful, but let's stop this over-reaction and

Not a help button. A PROMINENT warning, and preferably another
choice by default.

> > 	- what is the purpose, in terms of system usability, of
> > 	  not issuing an advisory to warn vulnerable sites?
> Of what?

Fact: there are many systems vulnerable due to this bug. Why no
official advisory? Does it improve system usability? Or maybe
does it just improve _perceived_ system usability?
-- 
Pierre Beyssac		pb@enst.fr

