Date: Mon, 3 Jul 2000 15:54:07 -0700 From: "Dan O'Connor" <dan@mostgraveconcern.com> To: <razor-bsd-security@ldc.ro>, <freebsd-security@FreeBSD.ORG> Subject: Re: securing the boot process (again?!?) Message-ID: <017c01bfe541$98611f40$0200000a@danco>
next in thread | raw e-mail | index | archive | help
>I have been trying to secure (a bit) the boot process of a 4.0-STABLE >machine that is located in a public place. > >I need to use the floppy disk, but if I disable it from the BIOS I get >no access to it under FreeBSD. So I set the boot sequence to "C only" >but if I press space while the initial hyphen is displayed i get a >prompt with no password being requested. (Note I have set a password >in /boot/loader.conf, and set the console to "insecure" in /etc/ttys) > >The problem is I can boot any kernel or loader, including a kernel off >the floppy drive [just type fd(0,a)/evilkernel at the prompt]. From >there to a setuid(12345) that yields uid=0 (patched kernel, remember?) >is just a small step. Any ideas for further improvement of the boot >process security? Doesn't your computer have a BIOS password? These are typically invoked *before* the BIOS tries to boot off any disk... --Dan -- Dan O'Connor On Matters of Most Grave Concern http://www.mostgraveconcern.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?017c01bfe541$98611f40$0200000a>