Date: Wed, 12 Apr 1995 17:37:09 -0400 (EDT) From: "Rashid Karimov." <rashid@haven.ios.com> To: nlawson@statler.csc.calpoly.edu (Nathan Lawson) Cc: davew@sees.bangor.ac.uk, security@FreeBSD.org Subject: Re: FreeBSD Security Problem? Message-ID: <199504122137.RAA05405@haven.ios.com> In-Reply-To: <9504121713.AA05444@statler.CalPoly.Edu> from "Nathan Lawson" at Apr 12, 95 10:13:34 am
next in thread | previous in thread | raw e-mail | index | archive | help
HI there, > > > First the compliments - great job so far. > > > > Now the problem. I have been using FreeBSD (2.0R) at home (without > > any problems) and also evaluating it for use at work. One ancient and major > > problem seems to exist (unless I have missed something or it has already been > > altered) and that is the reboot to single user. No password, nothing, just a > > root shell to do with as you wish. OK I know its not a problem at home - but > > just imagine the fun all our undergraduates would have with this if we put a > > machine in a public area (the current suggestion is for 50). > > > > We would really like to replace our ageing Sun SLC's but are seriously > > worried about the above problem - any comments? > > Only that it's not a problem. Change the entry in /etc/ttys for "console" > from "secure" to "insecure" and you will be required to enter the root password > before being dropped to a shell in single-user mode. There is so called "physical security" :) . If you don't trust your undergraduates - put the PC into the safe. Because even if you'll make the console secure , they will be able to harm the PC - by booting from the floppy - if the PC has one, of going to hardware setup and reformatting the HDD... alot of nasty things :) SY RK K
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199504122137.RAA05405>