Re: [POSSIBLE GRAVE SECURITY HOLD]
>>"Thomas" == Thomas Quinot <email@example.com> writes:
Thomas> Le 2000-02-02, John Goerzen écrivait :
>> Not at all. Is not this already done in the docs for MBR? I recall
>> reading about it there...
Thomas> There is no documentation whatsoever that, when a system is
So whats /usr/doc/mbr/README? chopped liver? ;-)
Thomas> installed with the default settings, then the installed MBR
Thomas> will be the one from the package named "mbr". There is no
Thomas> documentation whatsoever in the installation procedure that
Thomas> it will by default install an MBR that unconditionnally
Thomas> allows booting from a floppy disc.
The default is not havig a password in LILO, and the default
always has been allwing floppy boots. In fact, that is indeed
standard behavious, and the principle of least surprise says we do
not change that.
If this is a problem, then indeed, the documentation should be
highlighted in a Securing Debian document.
if _FP_W_TYPE_SIZE < 64 error "Only stud muffins allowed, schmuck."
Manoj Srivastava <firstname.lastname@example.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C