Date: Thu, 12 Feb 1998 11:24:59 -0500 (EST) From: Steve Hovey <shovey@buffnet.net> To: 026809r@dragon.acadiau.ca Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Security Message-ID: <Pine.BSI.3.95.980212112228.1638A-100000@buffnet11.buffnet.net> In-Reply-To: <199802112206.SAA24704@scifair.acadiau.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 11 Feb 1998, Michael Richards wrote: > > > Is FreeBSD C2 security standards compliant ?? If so, what version did > > > these security features debut ?? > > > > No it is not - I believe to be C2 you must not be able to gain access to > > the disks even from the console of the machine itself without a valid > > userid and password - and with FreeBSD you can boot with -s to bring it up > > standalone as root. > If this is the only thing FreeBSD needs to be C2 compliant, maybe someone > could come up with some kind of fix where your username and password can > optionally be put in the boot block so you need it to give any startup > options on bootup. Then use the bios to stop flopy bootups. Would that > satisfy the requirements? > I think there are a few other requirements - SCO is C2, and I think things like kernal permissions - for instance, you can allow userid 'foobar' set user passwords (but not ROOT) or to use chmod, etc. The boot issue just came to mind quickly, since it was a PROBLEM with SCO - If you had a problem such as a forgotten or lost root password, you had to force crash the system to get it to fall to root for a manual fsck of the / partition. (and cross your fingers , and light candles and stuff) Alot of it is silly overkill that admins eventually put in work arounds for anyways.. but thats govt. ------------------------------------------------------------------ Steve Hovey Chief Engineer BuffNET More Than Just a Connection! ------------------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.95.980212112228.1638A-100000>