Date: Wed, 9 Dec 1998 12:27:25 -0500 (EST) From: "James A. Mutter" <jmutter@netwalk.com> To: Michael Borowiec <mikebo@Mcs.Net> Cc: questions@FreeBSD.ORG Subject: Re: Securing the FreeBSD console Message-ID: <Pine.BSF.4.05.9812091221450.5578-100000@insomnia.local.net> In-Reply-To: <199812090624.AAA12484@Mars.mcs.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Greetings - > Just when I think I've got my FreeBSD console relatively secure with > xlock, someone else shows up with a new key combination to easily > circumvent it... > > To prevent people from killing your X-Server with Ctrl-Alt-Backspace > requires a simple mod to /etc/XF86Config - NoZap. Covered... > > To prevent rebooting your server with a Ctrl-Alt-Del requires > a kernel config change. Where is this documented? Last I checked that was documented in the LINT kernel. Not hard to find. > > Xlock is useless with the sc0 console driver, since typing Ctrl-Alt-F1 > breaks out of graphics mode, back to the virtual terminal. Then one simply > does a Ctrl-C and they're in... How can this be disabled? startx && logout - Has always worked for me. > Anyone know of any other knuckle-head methods to break xlock? > (besides pulling the power cord out ;v) > > Anyone know why FreeBSD ships with all these security holes enabled by > default? I checked the FreeBSD Security web page, and there was no mention > of any of these "features", or how to plug them. (Did I miss something?) Most of the problems/situations you have mentioned are with XFree86 and _not_ FreeBSD - you may want to take this up with them. > > Any pointers would be welcome. Thanks! > Regards, Physical security, without it nothing is secure. Any PC is vulnerable if I have a boot floppy. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9812091221450.5578-100000>