From owner-freebsd-security  Wed Apr 12 10:51:45 1995
Return-Path: security-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id KAA19013
          for security-outgoing; Wed, 12 Apr 1995 10:51:45 -0700
Received: from gndrsh.aac.dev.com (gndrsh.aac.dev.com [198.145.92.241])
          by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id KAA19006
          for <freebsd-security@FreeBSD.org>; Wed, 12 Apr 1995 10:51:41 -0700
Received: (from rgrimes@localhost) by gndrsh.aac.dev.com (8.6.8/8.6.6) id KAA07234; Wed, 12 Apr 1995 10:51:21 -0700
From: "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com>
Message-Id: <199504121751.KAA07234@gndrsh.aac.dev.com>
Subject: Re: FreeBSD Security Problem?
To: davew@sees.bangor.ac.uk (Mr D Whitehead)
Date: Wed, 12 Apr 1995 10:51:21 -0700 (PDT)
Cc: freebsd-security@FreeBSD.org
In-Reply-To: <9326.9504121533@sol.sees.bangor.ac.uk> from "Mr D Whitehead" at Apr 12, 95 04:33:28 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 1611      
Sender: security-owner@FreeBSD.org
Precedence: bulk

> 
> Hi,
> 	First the compliments - great job so far.  
> 
> 	Now the problem.  I have been using FreeBSD (2.0R) at home (without 
> any problems) and also evaluating it for use at work.  One ancient and major 
> problem seems to exist (unless I have missed something or it has already been 
> altered) and that is the reboot to single user.  No password, nothing, just a 
> root shell to do with as you wish.  OK I know its not a problem at home - but 
> just imagine the fun all our undergraduates would have with this if we put a 
> machine in a public area (the current suggestion is for 50).
> 
> 	We would really like to replace our ageing Sun SLC's but are seriously
> worried about the above problem - any comments?

As has already been pointed out in other mail tweak /etc/ttys.  But this
still leaves a very nasty hole you need to plug.  You will have to remove
the floppy drive from all machines, otherwise a person can just download
a FreeBSD boot floppy and boot single user from it, mount the hard disk,
splat the passwd file or the ttys file and then reboot from the hard
disk.

Some BOIS allow you to set the boot sequecne to C:, A:, if yours do, this
is another way around the floppy problem.  Set it to C:, A:, and then
password protect the BIOS so the user can't change it back.  Since C:
should always have a valid boot partition on it there is no way for
them to boot from floppy, but they can still use the floppy for
normal things.


-- 
Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
Accurate Automation Company                   Custom computers for FreeBSD