Re: [POSSIBLE GRAVE SECURITY HOLD]

To: Manoj Srivastava <srivasta@debian.org>
Cc: debian's developers <debian-devel@lists.debian.org>
Subject: Re: [POSSIBLE GRAVE SECURITY HOLD]
From: Thierry Laronde <thierry.laronde@polynum.com>
Date: Thu, 3 Feb 2000 14:06:58 +0100
Message-id: <20000203140658.A1046@polynum.com>
In-reply-to: <87iu07htfw.fsf@glaurung.green-gryphon.com>; from Manoj Srivastava on Wed, Feb 02, 2000 at 09:10:43PM -0600
References: <2000-02-02-11-38-12+trackit+sam@debian.org> <87vh47k3v1.fsf@erwin.complete.org> <20000202175255.E50448@enst.fr> <873drby1na.fsf@erwin.complete.org> <20000202181855.H50448@enst.fr> <87n1pjy0qs.fsf@erwin.complete.org> <20000202184944.K50448@enst.fr> <87ya93h467.fsf@erwin.complete.org> <20000202224510.A1675@polynum.com> <87iu07htfw.fsf@glaurung.green-gryphon.com>

On Wed, Feb 02, 2000 at 09:10:43PM -0600, Manoj Srivastava wrote:
> >>"Thierry" == Thierry Laronde <thierry.laronde@polynum.com> writes:
> 
>  Thierry> "refuse to read the documentation"!
> 
>  Thierry> REFUSE TO READ THE DOCUMENTATION !!!
> 
>  Thierry> An administrator has to guess what the Debian's MBR does ? Has to guess
>  Thierry> that the Debian's MBR has extra features ? Ah, OK : "read" like
>  Thierry> "read in mind"...
> 
>         Only if he is an idiot. The docs are there in /usr/doc/mbr/.

Maurice Merleau-Ponty has said : "You can't find anything if you don't 
know already what you are looking for".

If I install LILO, then I read LILO documentation. But this is not _the_
MBR, this is _a_ MBR : how can someone guess that this one is special ?
How can someone guess that reading LILO is not sufficient, and that the
documentation about the Debian's MBR is not redundant ?

*I* don't want the default to be changed because I just *discovered* that
the Debian's MBR can be absolutely useful. The "crime" here, is not letting
every body know that :
- The MBR is special and powerful;
- and thus, must be configured in order to achieve security.

So a two lines warning about the special MBR and with a pointer to the doc
would be enough.
-- 
Thierry LARONDE <thierry.laronde@polynum.com>
website : http://www.polynum.com
/home du SDF (Site Debian Francophone) : http://www.polynum.com/debian

Reply to:

Follow-Ups:
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Branden Robinson <branden@ecn.purdue.edu>

References:
- [POSSIBLE GRAVE SECURITY HOLD]
  - From: Samuel Tardieu <sam@debian.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Thierry Laronde <thierry.laronde@polynum.com>
- Re: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: [POSSIBLE GRAVE SECURITY HOLD]
Next by Date: Re: Debian for kids (long)
Previous by thread: Re: [POSSIBLE GRAVE SECURITY HOLD]
Next by thread: Re: [POSSIBLE GRAVE SECURITY HOLD]
Index(es):
- Date
- Thread