From: platt@coos.dartmouth.edu (The Crouton Man) Subject: Re: Linus security/Non root access Date: 21 Aug 1992 05:11:17 GMT
In article <1992Aug21.020626.20221@unislc.uucp> erc@unislc.uucp (Ed Carp) writes:
:Frank Pikelner (frank@cs.yorku.ca) wrote:
:
:: I'd like to find out if it is possible to say install several machines to run
:: Linux and allow the public to use them. The problem I'm trying to resolve is I
:: need the machines to have access to a floppy drive, but I do not want anyone
:: to be able to boot the machine using their own floppy, and maybe gain access as
:: root.
::
:: One solution I can think of is getting a machine that has a password protected
:: BIOS, and allows the change in the boot order with the hard drive first. I would
:: love to hear other ideas, if any do exist.
:
:Hmmm...you could hack the loader to refuse to load the kernel from
:diskette - that might be easier than spending the $$$ to get a machine with
:a password protected BIOS. If someone booted MS-DOS from a diskette,
:it wouldn't do them any good, anyway, 'cause you can't read a linux
:partition from MS-DOS. Not yet, anyway... :)
:
:The loader code is in /usr/src/linux/boot/bootsect.S
this will not work as someone can come along with a boot disk
(make disk in the top of the source tree) with their own bootsect.S
that has not been modified.
the problem must be addressed from the boot-rom, such as the afore-mentioned
passwd locking. even this might not do it, depending on the bios setup.
my machine came with the passwd locking mechinism, but i have never
explored it.
croutons.