Date: Mon, 4 Jan 1999 09:13:40 -0800 (PST) From: Tom Bartol <bartol@salk.edu> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: current@FreeBSD.ORG Subject: Re: New boot blocks for serial console ... Message-ID: <Pine.BSF.3.96.990104090519.53477D-100000@eccles.salk.edu> In-Reply-To: <199901041703.MAA08597@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 4 Jan 1999, Garrett Wollman wrote: > <<On Mon, 4 Jan 1999 09:01:34 -0800 (PST), Tom Bartol <bartol@salk.edu> said: > > >> Not at all. Ever heard of a padlock? > > > Well, then, there's your solution! > > No, because it still doesn't prevent someone from walking up to the > machine and telling it to boot something it shouldn't. > > What we're trying to achieve is an environment where the worst thing > someone could do is cause the machine to reboot. > Then what you need is an untouchable machine in the hardware AND software sense. Padlock the room where the machine sits, get a UPS with plenty reserve power, and don't put it the machine on the net. Probably not a very useful machine when you're all done doing that :-) Sorry, I'm just jerking you around here, you're original idea about have a streamlined boot process is a good one, I'm just pointing out that this is really just a deterrent, like all other security measures as there really is no absolute solution to achieve absolute security. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990104090519.53477D-100000>