From: "Theodore K. Milbaugh"
To: Nathan Kinkade, Cristobal Miguelo, freebsd-questions@freebsd.org
Date: Tue, 5 Oct 2004 12:27:54 -0400
Subject: Re: Booting to CD and the handing off to HD

On Tue, 5 Oct 2004 10:12:49 -0600, Nathan Kinkade wrote:
> On Mon, Oct 04, 2004 at 09:23:31PM -0700, Cristobal Miguelo wrote:
> > > > On Sun, Oct 03, 2004 at 08:58:05PM -0700, Cristobal Miguelo wrote:
> > > > Hello,
> > > >
> > I would like to have it completely automated:
> >
> > The machine goes down at 4am for the check and boots to cd, then the cd
> > controls the hand-off to the hard drive. I'd like to have the BIOS
> > setup to only boot the cd and if the HD checks out ok, boot up the HD.
> > That way there is a slim chance that any security breach will last
> > beyond one night on my machine. I seriously doubt a security breach
> > will occur, but I want to close every door imaginable.
> >
> > Anything else that could be done?
> >
> > Thx
> > -C
> >
>
> What is the reason that you find it necessary to reboot the machine to a
> CDROM every morning? Are you sure that there isn't a way to run your
> checks while booted to the harddisk? I am fairly sure that you will
> never find a way to have the BIOS selectively boot either the CDROM or
> the HD based on some OS specific factor, such as a successful check of
> the HD. I have a feeling that there may be a better way to accomplish
> your goal without a reboot to CDROM every morning. Will you tell the
> list more about what you are trying to accomplish?
>
> Nathan

Since the code that checks the HD is on a CD, it is unlikely to be
compromised. Any check in the running OS could be compromised, which
the poster wants to avoid. Also, the BIOS will not be selectively
booting to CD or HD; it will only boot to the CD. The CD-based check
of the HD will be booting the disk if it checks out okay.
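
Added example, not part of the original message or of anyone's posted code: one way the CD-resident check discussed in this thread could compare the mounted hard disk against a hash manifest that also lives on the read-only CD, failing closed so the disk is only booted on an exact match. The manifest format, the function names and the paths in the usage line are assumptions, and the hand-off to the hard disk itself is left to the calling boot script.

```shell
#!/bin/sh
# Added example: check a mounted disk tree against a manifest stored on the
# read-only boot media. Manifest lines are assumed to be "<sha256>  <path>".

# Print the SHA-256 of a file: FreeBSD sha256(1) if present, else sha256sum.
hash_file() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        sha256sum "$1" | cut -d' ' -f1
    fi
}

# Print one finding per line: MISSING, MODIFIED or UNEXPECTED plus the path.
scan_tree() {
    root=$1 manifest=$2
    # Pass 1: every manifest entry must exist on disk with the recorded hash.
    while read -r want path; do
        [ -n "$path" ] || continue
        if [ ! -f "$root/$path" ]; then
            echo "MISSING $path"
        elif [ "$(hash_file "$root/$path")" != "$want" ]; then
            echo "MODIFIED $path"
        fi
    done < "$manifest"
    # Pass 2: regular files on disk that the manifest does not list.
    # Needs a writable scratch directory (e.g. a memory file system).
    tmp=$(mktemp -d) || return 2
    sed 's/^[^ ]* *//' "$manifest" | LC_ALL=C sort > "$tmp/known"
    (cd "$root" && find . -type f | sed 's|^\./||' | LC_ALL=C sort) > "$tmp/disk"
    LC_ALL=C comm -13 "$tmp/known" "$tmp/disk" | sed 's/^/UNEXPECTED /'
    rm -rf "$tmp"
}

# Return 0 only when the tree matches the manifest exactly. Any error in the
# check itself returns 2, so a broken check never counts as a pass.
verify_tree() {
    [ -d "$1" ] && [ -r "$2" ] || return 2
    findings=$(scan_tree "$1" "$2") || return 2
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Usage: sh verify.sh /mnt/disk /cdrom/manifest  (both paths hypothetical)
if [ $# -eq 2 ]; then
    verify_tree "$1" "$2" || exit 1
fi
```

The second pass matters as much as the first: a file added to the disk changes no recorded hash, so only the reverse comparison reports it.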