Date: Sun, 7 Feb 1999 17:31:09 -0500 (EST) From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: stuyman@confusion.net (Laurence Berland) Cc: root@isis.dynip.com, rivers@dignus.com, freebsd-questions@FreeBSD.ORG Subject: Re: Fw: HELP!!!! Message-ID: <199902072231.RAA01367@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <36BE0A83.4D82D496@confusion.net> from Laurence Berland at "Feb 7, 99 04:49:56 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Laurence Berland wrote, > Is there a way to keep people from doing this who aren't supposed to? Like if I set up a BSD box in a library and someone knows how to do that, is there a way to stop them? (Or do I just put a password on the BIOS so they can't reboot fully?) "There is no security without physical security." See 'man 5 ttys' and 'more /etc/ttys' (if you still have the comments from the installed version) on how to prevent people from going into single-user mode without root's password. Even if you stop them from going into single-user mode from the HD disk boot, what stops them from slipping a floppy in the drive and booting off of that? You need to prevent access to the reset button, power supply, and bootable floppy drive. If that is not possible and you are concerned, do not put bootstrap code on the machine. Boot from floppy and then control physical access to the floppy only. Better than nothing I guess. That's MHO, anyway. Any discussion more in-depth than this should probably move to freebsd-security. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902072231.RAA01367>