[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]

Stephane Bortzmeyer <bortzmeyer@pasteur.fr> writes:

> This is certainly true of most Debian administrators. Ask yourself: "Where you 
> aware that *any* precaution you take, such as setting a BIOS password, locking 
> the box, or adding a password in LILO was useless?"

Of course.  It is not possible to achieve total security when hostile people
have physical access to the machine.  Period.

The best that can be done is make life harder for the would-be
attacker.

> This is the sort of attitude I expect from *BSD, where every user is supposed 
> to be, like the Adam Smith consumer, perfectly knowledgeable about anything. 
> But this is not a proper attitude for Debian, whose purpose is to let users 
> spend less time with the setup of the system.

Which is why we give them MBR, isn't it.  You're asking for us to do
something that directly contradicts your above paragraph.

-- 
John Goerzen   Linux, Unix consulting & programming   jgoerzen@complete.org |
Developer, Debian GNU/Linux (Free powerful OS upgrade)       www.debian.org |
----------------------------------------------------------------------------+
The 175,371,728th prime number is 3,678,008,833.
Reply to: