From: jjk1@ns1.cc.lehigh.edu (Konsultant Josh/fuzzy.happy.green.box) Subject: Re: Linus security/Non root access Date: 21 Aug 1992 04:12:50 GMT
Yes, anyone will be able to get into your system as root by booting
from floppy (this discussion came up a while ago, and we have some
very strongly opinionated people as to what should be done :-).
>
>One solution I can think of is getting a machine that has a password protected
>BIOS, and allows the change in the boot order with the hard drive first. I would
>love to hear other ideas, if any do exist.
>
You have hit upon the only real solution. You either need a BIOS
which will disallow a floppy boot, or require a password to do it.
The other possibility is a software encryption of the filesystem "on
the fly"; this is somewhat impractical because it requires some kernel
modifications and it would considerably slow down performance.
As was pointed out, this is an inherent problem with ANY Unix box (and
sometimes is useful; for example, I recently had to get in and
reformat the disk on my Sun because someone had breached system
security, and booting from tape was the best way to do so).
The "best" solution seems to be going with the password-protected
BIOS.
--Josh
--
____________------------===========------------____________
from: Josh Kopper
jjk1@lehigh.edu
Computer Engineering, EECS Department, Lehigh University
Systems Programming - Lehigh University Computing Center