Date: Tue, 15 May 2001 00:54:31 +0200 From: Erik Trulsson <ertr1013@student.uu.se> To: freebsd-security@FreeBSD.ORG Subject: Re: nfs mounts / su / yp Message-ID: <20010515005431.A40399@student.uu.se> In-Reply-To: <20010515002124.A647@dude.dsl.ru.ac.za>; from dom@dude.dsl.ru.ac.za on Tue, May 15, 2001 at 12:21:24AM %2B0200 References: <3B0015E5.2E1AED1B@centtech.com> <Pine.BSF.4.21.0105141358540.43455-100000@mail.wlcg.com> <20010515002124.A647@dude.dsl.ru.ac.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 15, 2001 at 12:21:24AM +0200, Dominic Parry wrote: > > Just a thought, you could in your bios set password and then boot only of > the hdd. That way no one could boot of a stiffy etc. Yes, they could. Assuming they can open the case they could either reset the BIOS password (almost all mobo have some jumper or similar that can be used to reset the password), or they could just connect their own hdd and boot from that. It is quite a bit more work and would probably stop those who are merely driven by idle curiosity. Stopping a determined and knowledgeable person who have physical access to the computer from getting root access ranges from difficult to nearly impossible. > > On Mon 2001-05-14 (14:02), Rob Simmons wrote: > //> -----BEGIN PGP SIGNED MESSAGE----- > //> Hash: RIPEMD160 > //> > //> You could set the console to insecure in /etc/ttys. That way single user > //> mode will ask for the root password. You still can't prevent someone from > //> booting with their own floppy disk and making changes that way. I think > //> the only way to prevent that is to use an encrypted filesystem of some > //> sort. > //> -- <Insert your favourite quote here.> Erik Trulsson ertr1013@student.uu.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010515005431.A40399>