From owner-freebsd-security Mon Jul 3 14: 5:54 2000
Delivered-To: freebsd-security@freebsd.org
Received: from server.baldwin.cx (server.geekhouse.net [64.81.6.52])
	by hub.freebsd.org (Postfix) with ESMTP id BADE237B84A
	for ; Mon, 3 Jul 2000 14:05:49 -0700 (PDT)
	(envelope-from john@baldwin.cx)
Received: from john.baldwin.cx (root@john.baldwin.cx [192.168.1.18])
	by server.baldwin.cx (8.9.3/8.9.3) with ESMTP id OAA29702;
	Mon, 3 Jul 2000 14:05:48 -0700 (PDT)
	(envelope-from john@baldwin.cx)
Received: (from john@localhost)
	by john.baldwin.cx (8.9.3/8.9.3) id OAA36912;
	Mon, 3 Jul 2000 14:06:49 -0700 (PDT)
	(envelope-from john)
Message-Id: <200007032106.OAA36912@john.baldwin.cx>
X-Mailer: XFMail 1.4.0 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <20000703115320.A341@ldc.ro>
Date: Mon, 03 Jul 2000 14:06:48 -0700 (PDT)
From: John Baldwin
To: Alex Popa
Subject: RE: securing the boot process (again?!?)
Cc: freebsd-security@FreeBSD.ORG
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On 03-Jul-00 Alex Popa wrote:
> I have been trying to secure (a bit) the boot process of a 4.0-STABLE
> machine that is located in a public place.
>
> I need to use the floppy disk, but if I disable it from the BIOS I get
> no access to it under FreeBSD.  So I set the boot sequence to "C only"
> but if I press space while the initial hyphen is displayed I get a
> prompt with no password being requested.  (Note I have set a password
> in /boot/loader.conf, and set the console to "insecure" in /etc/ttys)
>
> The problem is I can boot any kernel or loader, including a kernel off
> the floppy drive [just type fd(0,a)/evilkernel at the prompt].  From
> there to a setuid(12345) that yields uid=0 (patched kernel, remember?)
> is just a small step.  Any ideas for further improvement of the boot
> process security?

Umm, well.
You can try hacking boot2 to require a password, but usually if
someone has physical access to the machine, it's close to being all over
to begin with.  You could also hack boot2 to just always load /boot/loader
and never allow for a prompt if you wish.

> Note: I have used the "Dangerously dedicated" option when installing.

Ugh, well, you can't ever use boot0 or any other boot managers. :P

> Thanks a lot,
> Alex.

-- 

John Baldwin -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/
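
The two settings mentioned in the quoted message (a loader password in /boot/loader.conf and an "insecure" console in /etc/ttys) can be checked with a short audit script. This is an added example, not code from either poster or from FreeBSD; the function names are hypothetical and the sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the thread): check the two settings Alex mentions.
# Paths are arguments so the audit can run against copies of the files.

# True if loader.conf has an uncommented, non-empty password="...".
loader_password_set() {
    grep -Eq '^[[:space:]]*password="[^"]+"' "$1"
}

# Print the console line's keyword in ttys: secure, insecure,
# unspecified (neither keyword present) or missing (no console line).
console_security() {
    awk '
        /^[[:space:]]*#/ { next }
        $1 == "console" {
            found = "unspecified"
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^#/) break
                if ($i == "secure" || $i == "insecure") found = $i
            }
            print found; seen = 1; exit
        }
        END { if (!seen) print "missing" }
    ' "$1"
}

# Usage: audit_boot_config LOADER_CONF TTYS ; returns 0 only if both pass.
# With console marked insecure, init asks for the root password before
# giving a single-user shell.
audit_boot_config() {
    rc=0
    loader_password_set "$1" || { echo "WARN: no loader password in $1"; rc=1; }
    state=$(console_security "$2")
    [ "$state" = insecure ] || {
        echo "WARN: console is '$state' in $2, expected insecure"
        rc=1
    }
    # Neither setting covers the boot2 prompt discussed in the thread.
    [ "$rc" -eq 0 ] && echo "ok: loader password set, console insecure"
    return "$rc"
}

# Constructed sample files (not real system contents).
demo=$(mktemp -d)
printf 'password="constructed-example"\n' > "$demo/loader.good"
printf '#password=""\nautoboot_delay="5"\n' > "$demo/loader.weak"
printf 'console none unknown off insecure\n' > "$demo/ttys.good"
printf '# comment\nconsole\tnone\tunknown\toff secure\n' > "$demo/ttys.weak"
audit_boot_config "$demo/loader.good" "$demo/ttys.good"
audit_boot_config "$demo/loader.weak" "$demo/ttys.weak" || true
```

A clean result only confirms the loader and single-user settings; the boot2 stage that the thread is about runs before either of them is consulted.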