From owner-freebsd-questions@FreeBSD.ORG  Fri Dec  5 09:20:32 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CE9D916A4CE
	for <questions@freebsd.org>; Fri,  5 Dec 2003 09:20:32 -0800 (PST)
Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com
	[66.111.4.26])	by mx1.FreeBSD.org (Postfix) with ESMTP id 976BB43FAF
	for <questions@freebsd.org>; Fri,  5 Dec 2003 09:20:30 -0800 (PST)
	(envelope-from nkinkade@fastmail.fm)
X-Sasl-enc: I+E9pbq5mhwATtUHOqd1QA 1070644795
Received: from [206.26.199.146] (unknown [206.27.244.214])
	by www.fastmail.fm (Postfix) with ESMTP id 5A4DF45F98C;
	Fri,  5 Dec 2003 12:19:54 -0500 (EST)
Received: from nkinkade by [206.26.199.146] with local (Exim 4.12)
	id 1AS1Z3-0003wo-00; Thu, 04 Dec 2003 16:03:13 -0600
Date: Thu, 4 Dec 2003 16:03:12 -0600
From: Nathan Kinkade <nkinkade@ub.edu.bz>
To: Dru <dlavigne6@sympatico.ca>
Message-ID: <20031204220312.GC15894@npkfbsd>
References: <20031204141547.T598@genisis>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="LkL3iLkxWcC48rNm"
Content-Disposition: inline
In-Reply-To: <20031204141547.T598@genisis>
User-Agent: Mutt/1.4.1i
Sender: Nathan Kinkade <nkinkade@[206.26.199.146]>
cc: questions@freebsd.org
Subject: Re: protecting loader
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Nathan Kinkade <nkinkade@ub.edu.bz>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Dec 2003 17:20:32 -0000


--LkL3iLkxWcC48rNm
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Dec 04, 2003 at 02:20:07PM -0500, Dru wrote:
>=20
> Is there a way to prevent a user from bypassing loader and
> loading/unloading stuff at the OK prompt? (other than physical security
> measures)
>=20
> I tried placing "/boot/loader -n" in "/boot.config", but it didn't make a
> difference.
>=20
> Dru

If I understand your question, you could put the following line in your
/boot/loader.conf file:

autoboot_delay=3D"0"

I think this will effectively prevent users from interrupting the loader
to make changes.  Just make sure that you have some other way to boot
the system, such as a floppy, in case you later run into problems.

Nathan
--=20
gpg --keyserver pgp.mit.edu --recv-keys D8527E49

--LkL3iLkxWcC48rNm
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE/z68gO0ZIEthSfkkRAiDXAJ9pYgae6Ef1BL1goKAdKgEw1191hQCgtJFI
RG6fDATmwXPQ4V3d870bwOc=
=d7n1
-----END PGP SIGNATURE-----

--LkL3iLkxWcC48rNm--