Date: Tue, 11 Dec 2001 13:38:13 -0600 (CST)
From: Jon Mini
To: Mike Barcroft
Cc: Paul Richards, Mike Silbersack, Alfred Perlstein, John Baldwin
Subject: Re: cvs commit: src/sys/boot/i386/loader version src/share/examp
In-Reply-To: <20011211010336.Q1956@espresso.q9media.com>

On Tue, 11 Dec 2001, Mike Barcroft wrote:

> Paul Richards writes:
>
> Perhaps a secure loader would be useful, such that it doesn't allow
> interrupting. Similar things could be done with the pre-loader boot,
> but this write from loader feature seems so useful to me that I can't
> imagine why we would want to turn it off by default, particularly
> given the intrinsic insecurities of our current loader.
>

A "secure loader" is already present on the system. Don't use autoboot,
and reboot if the boot script fails. Or, more specifically, add this to
loader.rc:

    boot
    bye

... should the boot word return (i.e. no kernel was found during the
automatic load process), the bye word will reboot the system. No chance is
given for anyone at the console to interrupt this process.

-- 
Dizzy Cow (Jon Mini)
dizzycow@haikugeek.com
... Desolation ... Despair ... Plastic Forks ...
~ ~ ~
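Added example, not part of the original message or of FreeBSD's own tooling: a shell check that a loader.rc follows the pattern described above, with every boot line directly followed by bye and no autoboot call. The helper name and the sample file are hypothetical, and the parsing rules are assumptions stated in the comments.

```shell
#!/bin/sh
# Added example: audit a loader.rc for the "boot, then bye" pattern.
# Assumptions: one command per line, "\" starts a comment that runs to
# end of line, and included files are not followed.

# check_loader_rc FILE  (hypothetical helper name)
# Exit status: 0 pattern present, 1 autoboot is called,
#              2 a boot line is not followed by bye, 3 no boot line.
check_loader_rc() {
    awk '
        {
            # Rebuild the line without its comment part.
            line = ""
            for (i = 1; i <= NF; i++) {
                if ($i == "\\") break
                line = (line == "" ? $i : line " " $i)
            }
            if (line != "") cmd[++n] = line
        }
        END {
            boots = 0
            for (k = 1; k <= n; k++) {
                split(cmd[k], f, " ")
                if (f[1] == "autoboot") {
                    print "FAIL: autoboot is called: " cmd[k]; exit 1
                }
                if (f[1] == "boot") {
                    boots++
                    # bye must be the very next command, or a returning
                    # boot word falls through to whatever follows.
                    if (k == n || cmd[k + 1] != "bye") {
                        print "FAIL: \"" cmd[k] "\" is not followed by bye"; exit 2
                    }
                }
            }
            if (boots == 0) { print "FAIL: no boot command found"; exit 3 }
            print "OK: every boot is followed by bye, autoboot is not called"
        }
    ' "$1"
}

# Constructed sample input: the two lines from the message plus a comment.
sample=$(mktemp)
cat > "$sample" <<'EOF'
\ constructed loader.rc for this example
boot
bye
EOF
check_loader_rc "$sample"
rm -f "$sample"
```
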