Date: Tue, 4 Apr 2000 15:53:59 +0300 From: Ruslan Ermilov <ru@ucb.crimea.ua> To: freebsd-questions@FreeBSD.ORG Subject: Re: Disable boot -s Message-ID: <20000404155359.A71975@relay.ucb.crimea.ua> In-Reply-To: <38E9E3E8.359C0F6@sterling.com>; from Alan Edmonds on Tue, Apr 04, 2000 at 07:45:28AM -0500 References: <86962.954843435@axl.ops.uunet.co.za> <38E9E3E8.359C0F6@sterling.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 04, 2000 at 07:45:28AM -0500, Alan Edmonds wrote: > Sheldon Hearn wrote: > > > > On Tue, 04 Apr 2000 12:18:13 GMT, Andrew wrote: > > > > > I have FreeBSD mail server in my organisation. It located in room > > > with no lock, with free access to the PC's monitor for all. This is my > > > workbench. > > > > > > I'm afraid that anyone, who knows about boot -s, may reboot the > > > machine and makes me cry. > > > > Okay, I take back my previous advice. Although what I told you about > > flagging the console as insecure was sound advice in some circumstances, > > it's just going to lead you into a false sense of security in this case. > > > > Anyone who knows about boot -s probably also knows how to create boot > > floppies. Getting into your PC won't be very difficult. > > > > Removing the floppy drive from your box may help, provided that you have > > some way of ensuring that nobody opens the box up with a screwdriver or > > saw. > > I'm not sure if it was on this list, but one security conscious person > would leave the floppy drive installed, but install it facing into > the case. That way he could remove the system cover if he needed > access to the floppy and didn't have to carry around an extra floppy > drive. As I recall, this was in a classroom situation and he wanted > to prevent students from stealing software and data from the PCs. > > I apologize if I got the details wrong and for forgetting who > originally posted this. > Or just set the BIOS to boot from the hard drive first. -- Ruslan Ermilov Sysadmin and DBA of the ru@ucb.crimea.ua United Commercial Bank, ru@FreeBSD.org FreeBSD committer, +380.652.247.647 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000404155359.A71975>