From owner-freebsd-current  Tue Jan  5 23:16:19 1999
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA28764
          for freebsd-current-outgoing; Tue, 5 Jan 1999 23:16:19 -0800 (PST)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from xwin.nmhtech.com (xwin.nmhtech.com [208.138.46.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA28753
          for <current@FreeBSD.ORG>; Tue, 5 Jan 1999 23:16:14 -0800 (PST)
          (envelope-from nicole@xwin.nmhtech.com)
Received: by xwin.nmhtech.com (Postfix, from userid 1001)
	id 5ED932EE28; Tue,  5 Jan 1999 23:15:46 -0800 (PST)
Message-ID: <XFMail.990105231546.nicole@nmhtech.com>
X-Mailer: XFMail 1.2 [p0] on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
In-Reply-To: <Pine.BSF.3.96.990104090519.53477D-100000@eccles.salk.edu>
Date: Tue, 05 Jan 1999 23:15:46 -0800 (PST)
From: Nicole Harrington <nicole@nmhtech.com>
To: Tom Bartol <bartol@salk.edu>
Subject: Re: New boot blocks for serial console ...
Cc: current@FreeBSD.ORG, Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id XAA28757
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


On 04-Jan-99 Tom Bartol wisely wrote:
> 
> 
> On Mon, 4 Jan 1999, Garrett Wollman wrote:
> 
>> <<On Mon, 4 Jan 1999 09:01:34 -0800 (PST), Tom Bartol <bartol@salk.edu>
>> said:
>> 
>> >> Not at all.   Ever heard of a padlock?
>> 
>> > Well, then, there's your solution!
>> 
>> No, because it still doesn't prevent someone from walking up to the
>> machine and telling it to boot something it shouldn't.
>> 
>> What we're trying to achieve is an environment where the worst thing
>> someone could do is cause the machine to reboot.
>> 
> 
> Then what you need is an untouchable machine in the hardware AND software
> sense.  Padlock the room where the machine sits, get a UPS with plenty
> reserve power, and don't put it the machine on the net.  Probably not a
> very useful machine when you're all done doing that :-) 
> 

 Say.. Isn't that how MS NT got its security rating <G>

   Nicole



> Sorry, I'm just jerking you around here, you're original idea about have a
> streamlined boot process is a good one, I'm just pointing out that this is
> really just a deterrent, like all other security measures as there really
> is no absolute solution to achieve absolute security.
> 
> Tom
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-current" in the body of the message

                          |\ __ /|   (`\            
                          | o_o  |__  ) )           
                         //      \\                 
          nicole@nmhtech.com | http://www.webweaver.net/
webmistress@dangermouse.org  | http://www.dangermouse.org
-------------------------(((---(((-----------------------
 
         -  Powered by Coka Cola and FreeBSD  -
     - Stong enough for a man - But made for a Woman -
 
        - I'm not ADD - I'm just MultiThreaded   -
      - Microsoft: What bug would you like today?  -
----------------------------------------------------------



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message