Re: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
On Wed, Feb 02, 2000 at 06:11:24PM +0100, Pierre Beyssac wrote:
> On Wed, Feb 02, 2000 at 10:58:48AM -0600, Adam Di Carlo wrote:
> > Geeze, dude, relax. Boot-floppies 2.2.6, will invoke 'install-mbr -e
> > -F' which disables floppy booting from mbr. I personally worry a bit
> > about that but we'll see what problems it causes. 2.2.6 should be
> > uploaded pretty soon.
> As said later, disabling "F" is not enough. You can still boot
> (using "A" then a numeric key) then select another partition from
> the hard disk. The problem is only slightly different. Once again
> Lilo configuration is bypassed.
> I can't understand why everyone insists on keeping this MBR since
> its "features" serve strictly _NO_ useful purpose other than
> bypassing Lilo and BIOS security, so the argument that removing it
> would impair the system's ease of use is totally flawed.
> We all agree that there can be no "absolute" security, especially
> when people have physical access to the machine. However I fail to
> see how that's an excuse to keep a security hole that big.
Sorry, I promised myself to stay out of this flamefest, but seriously,
just because you don't like a feature doesn't mean that it should be
stricken from the system. That mbr is darn useful at times, and I've
used it to get into my system when I had no boot floppy around. Or
when lilo was broken. It lets you boot to your rescue partition even
if you don't have a floppy drive. Just because in your, unusual, case
(most Debian running computers do not have guards standing over them)
find it a problem does not mean that we should destroy useful functionality.