[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


On Wed, Feb 02, 2000 at 06:11:24PM +0100, Pierre Beyssac wrote:
> On Wed, Feb 02, 2000 at 10:58:48AM -0600, Adam Di Carlo wrote:
> > Geeze, dude, relax.  Boot-floppies 2.2.6, will invoke 'install-mbr -e
> > -F' which disables floppy booting from mbr.  I personally worry a bit
> > about that but we'll see what problems it causes.  2.2.6 should be
> > uploaded pretty soon.
> As said later, disabling "F" is not enough. You can still boot
> (using "A" then a numeric key) then select another partition from
> the hard disk. The problem is only slightly different. Once again
> Lilo configuration is bypassed.
> I can't understand why everyone insists on keeping this MBR since
> its "features" serve strictly _NO_ useful purpose other than
> bypassing Lilo and BIOS security, so the argument that removing it
> would impair the system's ease of use is totally flawed.
> We all agree that there can be no "absolute" security, especially
> when people have physical access to the machine. However I fail to
> see how that's an excuse to keep a security hole that big.

Sorry, I promised myself to stay out of this flamefest, but seriously,
just because you don't like a feature doesn't mean that it should be
stricken from the system.  That mbr is darn useful at times, and I've
used it to get into my system when I had no boot floppy around.  Or
when lilo was broken.  It lets you boot to your rescue partition even
if you don't have a floppy drive.  Just because in your, unusual, case
(most Debian running computers do not have guards standing over them)
find it a problem does not mean that we should destroy useful functionality.

-- Nathaniel

Reply to: