From owner-freebsd-questions Wed Dec 9 10:15:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA09812 for freebsd-questions-outgoing; Wed, 9 Dec 1998 10:15:00 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from silk.net (music.silk.net [206.12.206.32]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA09804 for ; Wed, 9 Dec 1998 10:14:58 -0800 (PST) (envelope-from eddie@silk.net) Received: from presario1 (kel074.silk.net [204.244.76.74]) by silk.net (8.8.5/8.6.11) with SMTP id KAA29531; Wed, 9 Dec 1998 10:13:35 -0800 (PST) Message-ID: <005901be2397$b6610cc0$4a4cf4cc@presario1> Reply-To: "Eddie Lawhead" From: "Eddie Lawhead" To: "Pat Lynch" , "Steve Friedrich" Cc: "Gregory Sutter" , "Michael Borowiec" , Subject: Re: Securing the FreeBSD console Date: Wed, 9 Dec 1998 10:16:47 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG No doubt. And not only that but do you think the MS Win people(This must be the opposite of a "TOY OS"?) will tell you that having cleansweep on your computer will screw up an install of IE? Or tell the normal user that the passwords in Win 95 really don't do anything? Well the same goes for FreeBSD. The FreeBSD team cannot be held responsible for all of the ports, it is just to large. It is up to the devolpers of the applications to point out security problems, or to users of the apps. Having XLock and all the security features in the world is useless if I can turn you computer off (accidently, my knee bumped the power), while you are in the middle of designing a bridge you forgot to save. Ed >Agreed, even with a "commercial OS" I can always powercycle the machine >and boot off other media to mount the root partition, blank out the root >password and get in. *Time to lock the labs*, hello? McFly? > >-P > >___________________________________________________________________________ > >Pat Lynch lynch@rush.net >Systems Administrator Rush Networking > >___________________________________________________________________________ > >On Wed, 9 Dec 1998, Steve Friedrich wrote: > >> On Wed, 9 Dec 1998 10:50:07 -0600 (CST), Michael Borowiec wrote: >> >> >Just FYI... I'm introducing FreeBSD at work, a 1000-seat engineering >> >environment, where people share offices and labs that don't lock. >> >Most of the UNIX folk in my environment were horrified by these defaults - >> >but moreso by the lack of documentation pointing them out. It was even >> >suggested the OS not be used at all, for fear that (1) the FreeBSD team >> >either doesn't understand, or doesn't take commercial security concerns >> >seriously, and (2) that there are probably many more undocumented actions >> >in a "hobbyist (read TOY) OS" that could be exploited to gain fast access. >> >> Just my two cents... >> I think it's funny your people are *horrified* by this situation, yet >> they have implemented absolutely NO physical security at all. This is >> really quite absurd, because NO PC is secure if I have physical access. >> >> >> Unix systems measure "uptime" in years, Winblows measures it in minutes. >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message >> > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message