Date:      Tue, 11 Dec 2001 01:03:36 -0500
From:      Mike Barcroft <mike@FreeBSD.org>
To:        Paul Richards <paul@freebsd-services.com>
Cc:        Mike Silbersack <silby@silby.com>, Alfred Perlstein <bright@mu.org>, John Baldwin <jhb@FreeBSD.org>, mini@haikugeek.com, cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org
Subject:   Re: cvs commit: src/sys/boot/i386/loader version src/share/examp
Message-ID:  <20011211010336.Q1956@espresso.q9media.com>
In-Reply-To: <616630000.1008044969@lobster.originative.co.uk>; from paul@freebsd-services.com on Tue, Dec 11, 2001 at 04:29:29AM -0000
References:  <20011210201909.O92148@elvis.mu.org> <Pine.BSF.4.30.0112102122001.22013-100000@niwun.pair.com> <20011210221836.N1956@espresso.q9media.com> <616630000.1008044969@lobster.originative.co.uk>

Paul Richards <paul@freebsd-services.com> writes:
> You need the superuser password to get to single user if the console is
> secure. The loader can be used to circumvent that now.

Interesting, I hadn't seen that before.  This is probably only useful
at preventing people that don't have an account on the system, and
don't have physical access to the hard disk, CD-ROM/DVD-ROM, or floppy
drives from gaining root.  To gain root from an account and console
access, one need only craft an init(8) and change the loader
init_path.

Perhaps a secure loader would be useful, such that it doesn't allow
interrupting.  Similar things could be done with the pre-loader boot,
but this write from loader feature seems so useful to me that I can't
imagine why we would want to turn it off by default, particularly
given the intrinsic insecurities of our current loader.

Best regards,
Mike Barcroft
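
A defender-side check of the two settings this exchange turns on, added here as an example and not part of the original message: whether the console entry in ttys(5) is marked `insecure` (so init asks for the root password before single-user mode), and whether a persisted `init_path` in loader.conf names an init outside a trusted directory. The function names, the `/sbin/` trusted prefix and the stock file locations are assumptions.

```shell
#!/bin/sh
# Added example: function names and the trusted-prefix policy are assumptions.

# Succeeds if the console entry in a ttys(5) file carries "insecure",
# i.e. init asks for the root password before giving a single-user shell.
console_asks_password() {
    awk '$1 == "console" {
             for (i = 2; i <= NF; i++) {
                 if ($i ~ /^#/) break          # rest of the line is a comment
                 if ($i == "insecure") found = 1
             }
         }
         END { exit (found ? 0 : 1) }' "$1"
}

# Prints the last init_path assignment in a loader.conf-style file, if any.
loader_init_path() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*init_path[[:space:]]*=[[:space:]]*"\{0,1\}\([^"#]*\)"\{0,1\}.*$/\1/p' "$1" |
        tail -n 1
}

# Prints one finding per line; prints nothing when both checks pass.
audit_boot() {
    ttys=$1 conf=$2 prefix=${3:-/sbin/}
    console_asks_password "$ttys" ||
        echo "ttys: console not marked insecure; single-user gives root without a password"
    path=$(loader_init_path "$conf")
    old_ifs=$IFS; IFS=:
    for p in $path; do                         # init_path is colon-separated
        case $p in
            "$prefix"*) ;;
            *) echo "loader.conf: init_path entry outside $prefix: $p" ;;
        esac
    done
    IFS=$old_ifs
}

# Audit the live files only on a system that has them.
if [ -r /etc/ttys ]; then
    audit_boot /etc/ttys /boot/loader.conf
fi
```

This only covers what is persisted on disk; a variable set at an interrupted loader prompt leaves nothing in loader.conf for the check to find.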
