Date: Sat, 28 Apr 2001 17:27:44 -0500
From: Mike Meyer <mwm@mired.org>
To: Frank v Waveren <fvw@var.cx>
Cc: questions@freebsd.org
Subject: Re: securing the bootup sequence
Message-ID: <15083.17376.926579.60552@guru.mired.org>
In-Reply-To: <27431173@toto.iv>

Frank v Waveren <fvw@var.cx> types:
> I'm trying to secure the bootup sequence of a 4.3-release install.
> With a linux install (the box's previous install) this is quite easy,
> just set the bios to disallow boot from floppy, and give lilo the
> password= and 'restricted' options. With that configuration, there is
> no way to get access to an account on the box without physically
> opening it.
>
> However, trying to do this with FreeBSD proves a lot harder. Since I
> have two IDE drives, boot0 gives the F? list of drives, from which you
> can select the drive without the kernel on it, which can bring the
> boot process to a halt, which isn't nice, but isn't terrible either.

You don't *have* to use boot0. You could, for instance, use a standard
MBR to avoid that. Or any other boot loader. For instance, if you set
up grub as recommended, it boots /boot/loader, thus skipping both boot0
and boot2.

> boot2 is a lot more annoying however. Even if it doesn't show its
> prompt by default, pressing space when you get the first '-' will
> bring up the prompt. From here, you can load an arbitrary replacement
> for /boot/loader, either previously stored in a users homedir or from
> floppy. I can't find any way short of hacking the code of stopping
> boot2 from doing this.

Sounds like a good reason not to use boot2.

> The next part of the entertainment is /boot/loader. According to all
> the docu, having a set password=foo and check-password in
> /boot/loader.rc should get you a password prompt if you do anything
> apart from allowing the autoboot to continue. However, the password
> prompt doesn't appear for me, whatever I tried.. :-(.

It's not 'set password=foo', it's just 'password="foo"' in
/boot/loader.conf. It works fine for me.

You could also try skipping /boot/loader and just loading the kernel,
but there the loader apparently sets some stuff up that the running
system needs.

> I have found one discussion from a while back on this topic on
> deja.com, however I didn't find any useful answers apart from "there's
> no such thing as security if the attacker has physical access", but
> I'm not trying to protect against physical access here, just console
> access.

Well, you still can't make it perfect - but there's no reason not to
make it as hard as possible.

	<mike
--
Mike Meyer <mwm@mired.org>			http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
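
An added example, not part of the original message or of FreeBSD: a shell check for the setup described in the reply above, a `password=` line in /boot/loader.conf rather than `set password=` in /boot/loader.rc. The function name and the world-readable check are assumptions added here.

```sh
#!/bin/sh
# Usage: check_loader_password [loader.conf] [loader.rc]
# Prints findings; returns 0 only if a non-empty password is set in
# loader.conf and nothing else is flagged.
check_loader_password() {
    conf=${1:-/boot/loader.conf}
    rc=${2:-/boot/loader.rc}
    status=0

    if [ ! -r "$conf" ]; then
        echo "FAIL: cannot read $conf"
        return 1
    fi

    # Last uncommented password= assignment, with optional quotes stripped.
    value=$(sed -n 's/^[[:space:]]*password=//p' "$conf" | tail -n 1 |
            sed 's/[[:space:]]*$//; s/^"\(.*\)"$/\1/')
    if ! grep -q '^[[:space:]]*password=' "$conf"; then
        echo "FAIL: no password= line in $conf"
        status=1
    elif [ -z "$value" ]; then
        echo "FAIL: password= in $conf is empty"
        status=1
    else
        echo "OK: password is set in $conf"
    fi

    # The form the original poster tried, which gave him no prompt.
    if [ -r "$rc" ] &&
       grep -q '^[[:space:]]*set[[:space:]]\{1,\}password=' "$rc"; then
        echo "WARN: 'set password=' found in $rc; use password=\"...\" in $conf"
        status=1
    fi

    # Added check (assumption, not from the thread): the password sits in
    # the file as plain text, so other users should not be able to read it.
    if [ -n "$(find "$conf" -prune -perm -004 2>/dev/null)" ]; then
        echo "WARN: $conf is world-readable"
        status=1
    fi
    return $status
}
```

Run it with no arguments on the installed system, or pass copies of the two files to check a configuration before deploying it.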