Date: Tue, 11 Dec 2001 19:57:09 -0000
From: Paul Richards
To: John Baldwin
Cc: Mike Barcroft, Mike Silbersack, Alfred Perlstein, mini@haikugeek.com, cvs-all@FreeBSD.ORG, cvs-committers@FreeBSD.ORG, Wilko Bulte
Subject: Re: cvs commit: src/sys/boot/i386/loader version src/share/examp
Message-ID: <889160000.1008100629@lobster.originative.co.uk>

--On Tuesday, December 11, 2001 11:44:11 -0800 John Baldwin wrote:

>
> I think that the loader is not intended for secure sites, there are too
> many things you would have to do to plug holes, so IMO, just bypassing it
> is your best bet. You don't want to have to enter the root password to
> boot the machine every time I wouldn't think.

That wasn't what I was thinking. You'd have to enter the root password to make any changes, the loader would happily boot straight through without the password otherwise. It'd behave just like a secure console.

If I was trying to prevent people booting the machine in the first place I'd use a BIOS passwd but the loader provides an opportunity for someone to grab root just by power cycling the box and that seems like a hole that needs to be plugged.

Paul Richards
FreeBSD Services Ltd
http://www.freebsd-services.com