From owner-freebsd-security Fri Nov 9 4:22:13 2001 Delivered-To: freebsd-security@freebsd.org Received: from atkielski.com (atkielski.com [161.58.232.69]) by hub.freebsd.org (Postfix) with ESMTP id B679837B421 for ; Fri, 9 Nov 2001 04:22:08 -0800 (PST) Received: from contactdish (ASt-Lambert-101-2-1-14.abo.wanadoo.fr [193.251.59.14]) by atkielski.com (8.11.6) id fA9CLPr93698; Fri, 9 Nov 2001 13:21:25 +0100 (CET) Message-ID: <01ba01c16919$2637e220$0a00000a@atkielski.com> From: "Anthony Atkielski" To: References: <20011108232136.M5084-100000@coredump.scriptkiddie.org> Subject: Re: reboot,ctrl+alt+del,shutdown Date: Fri, 9 Nov 2001 13:22:01 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org That's why I did this yesterday. In MS-DOS days, Ctrl-Alt-Del did boot the machine, and so you learned to avoid it. But on Windows NT, it's the secure attention signal, used to log in and out of the system (and to get the system's attention if something goes terribly wrong), so you are using it regularly. The first time I did this on FreeBSD and the system instantly booted, I was quite surprised to say the least. I've fixed that now. In this case, it doesn't stop malicious persons, but it prevents a lot of accidents. Had there been 200 people on the machine when I pressed Ctrl-Alt-Del, I would have been very unhappy. ----- Original Message ----- From: "Lamont Granquist" To: "Bart Matthaei" Cc: Sent: Friday, November 09, 2001 08:26 Subject: Re: reboot,ctrl+alt+del,shutdown > > If you extend security to include security from accidental mistakes then > this most certainly does become appropriate. It prevents MCSEs from > hitting ctrl-alt-del when they see the "Login: " prompt. > > On Fri, 9 Nov 2001, Bart Matthaei wrote: > > On Thu, Nov 08, 2001 at 03:22:59PM -0800, Landon Stewart wrote: > > > Although its answered in the FAQ already, its definately security > > > related. Physical security is the one of the most over looked security issues. > > > > If someone has physical access to a machine, stopping him from > > rebooting with cntrl+alt+del wont do squat.. He can always flip the > > reset button, or unplug the cable. So I dont think disabling > > cntrl+alt+del is relevant in security. Therefor, its not a > > freebsd-security question. Imho, that is. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message