From: Johann Tonsing
Message-Id: <199612201536.RAA18260@vulcan.mikom.csir.co.za>
Subject: Re: stopping users from rebooting with ctr-alt-del
To: sean@perky.gothic.net.au (Sean Winn)
Date: Fri, 20 Dec 1996 17:36:34 +0200 (SAT)
Cc: freebsd-security@freebsd.org
In-Reply-To: from "Sean Winn" at Dec 21, 96 01:38:24 am

Sean Winn wrote:
> Just a simple question concerning the use of Ctrl-Alt-Del; would it be
> possible to only make the reboot usable only if it was root logged into
> the currently visible vty? Not being that cluey on the internals of the
> FreeBSD console internals, it's more a curiosity question than anything.
> A definitive "yes/no/damned if I know" from those who *are* capable of
> answering would save a relative novice hacker from wasting time :)

Well, I guess it is possible since we have full source of the OS.
Whether it is desirable is another question.

> I can already see a nice simple problem, in that it would only work after
> login...if you need to shutdown because you can't login for some reason
> (exhausted swap space because of a nasty process?), then this makes things
> difficult...but it should help machines in public places around people who
> have too much curiosity.

I'd consider having the kernel prompt for the root password if the
console is marked insecure. This probably means that the MD5 of the root
password will have to be placed in the kernel somewhere during the boot
process while the disk is still accessible. (The user might want to
reboot when the disk is not accessible.) (Keeping the root password in
the kernel as plaintext is not a good idea.)

Regards
JT
--
jtonsing@mikom.csir.co.za
PGP public key: ftp://skeleton.mikom.csir.co.za/pub/netsec.pgp/jtonsing.pub
Send anonymous mail to jt-anon@zibbi.mikom.csir.co.za (no reply possible)