Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 11 Dec 2001 11:21:19 -0800 (PST)
From:      John Baldwin <jhb@FreeBSD.org>
To:        Paul Richards <paul@freebsd-services.com>
Cc:        Wilko Bulte <wkb@freebie.xs4all.nl>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, mini@haikugeek.com, Alfred Perlstein <bright@mu.org>, Mike Silbersack <silby@silby.com>, Mike Barcroft <mike@FreeBSD.ORG>
Subject:   Re: cvs commit: src/sys/boot/i386/loader version src/share/examp
Message-ID:  <XFMail.011211112119.jhb@FreeBSD.org>
In-Reply-To: <868210000.1008098113@lobster.originative.co.uk>

next in thread | previous in thread | raw e-mail | index | archive | help

On 11-Dec-01 Paul Richards wrote:
> Well, I think your argument is a flawed one since you're trying to argue
> that because you can think of one hole it's not a problem that you've added
> another one.

If you have a piece of Swiss cheese, who is going to notice one more hole? 
It's not like there was 1 hole before and now there are 2.  There are several
holes and now there are several + 1 holes.
 
> So the issue is really whether we can secure the loader, because now that
> I'm aware of that loophole it concerns me that it's so easy to compromise a
> FreeBSD box.
> 
> Can we add a password feature to the loader so that we have a secure loader?

It has that, but it's simple.  You didn't read my earlier message though where
I detailed what we _did_ do for my lab at school.  We didn't use the loader at
all, instead we hacked (it was a small hack, and an #ifdef for it could be
made) boot2 to not accept user input and to boot the kernel directly.  This
means using a static kernel, and in -current compiling your hints statically
into the kernel.  This way you bypass the loader completely and don't have to
worry about user input.  Granted, if you hose your kernel, you have to pull out
a boot floppy to do recovery, but that is the price you pay.

-- 

John Baldwin <jhb@FreeBSD.org>  <><  http://www.FreeBSD.org/~jhb/
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.011211112119.jhb>