[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Securing a Debian machine

>>"Michael" == Michael Stone <mstone@debian.org> writes:

 Michael> On Wed, Feb 02, 2000 at 12:11:29PM -0500, James A. Treacy wrote:
 >> I propose we do the following:
 >> - leave mbr as it currently stands. Most users are worried about

 Michael> Why would we do that? I have yet to see anyone justify why
 Michael> mbr is good for a default install (rather than as an
 Michael> optional package.) Even leaving the security issue alone,
 Michael> the 2FA: prompt is confusing for people who hit shift in
 Michael> hopes of seeing a lilo: prompt.

        You want justification? Well, someone rebooted a computer
 without rerunning LILO, and having had installed a SCSI disk. The
 machine stopped with the MBR prompt; and the floppy option saved our
 butts. It was a lifesaver; since we were in a timefcritical Demo

        The MBR features are just that: features, and some of us like
 them the way they are. Most installations are happy with lower
 security than requiring the floppy bott be disabled, and for these
 folks this is a feature that can be useful.

        Since we should be targetting the defaults for the most common
 case anyway, I say that the current MBR is justified.

 I went to my mother and told her I intended to commence a different
 life.  I asked for and obtained her blessing and at once commenced
 the career of a robber. Tiburcio Vasquez
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to: