Date: Sun, 1 Feb 1998 16:59:54 -0500 (EST) From: "David E. Cross" <dec@phoenix.its.rpi.edu> To: Karl Pielorz <kpielorz@tdx.co.uk> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD boot banner (securing FreeBSD) Message-ID: <Pine.BSF.3.96.980201165642.2916B-100000@phoenix.its.rpi.edu> In-Reply-To: <34D4E92B.C0BA0172@tdx.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 1 Feb 1998, Karl Pielorz wrote: > Hmmm.... > > I still don't think it's going to be possible unless you remove the floppy and > padlock the case... > > I've seen some 'mean' floppy-drive locks though (not like the usual plastic > affairs) which might make it more feasable just to lock the drive up... > > As for getting round the security with 2 disks, well you can do it with 1 for > NT, and I seem to remember being able to boot the old SCO system I used to run > off a floppy - and then mount the root filesystems etc. (though it wasn't > running C2 trusted)... > > You could always set a BIOS password on the machine, make sure the case is > very well secured (back to padlock again) - and disable the machine booting > from the Floppy drive - which at least leaves it free for usage once booted? > > Regards, > Yes, this is what has already beeen done (BIOS password, with disabled floppy drive for booting), but this is uselesss, as The FreeBSD boot-block allows you to load the kernel from an arbitrary device (per the /boot.help file), a person just need to have the install disk, and the fixit disk, when the machinne comes up wait for the FreeBSD boot prompt, place the install disk in the drive, enter -fd(0,a)/kernel... and viola, you have root on the system without ever cracking a screw on the case. -- David Cross UNIX Systems Administrator GE Corporate R&D
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980201165642.2916B-100000>