From: csg203@cck.coventry.ac.uk (Bluebeard) Subject: Re: Linus security/Non root access Date: 21 Aug 1992 12:26:36 GMT
In article <1992Aug21.020626.20221@unislc.uucp> erc@unislc.uucp (Ed Carp) writes:
>Frank Pikelner (frank@cs.yorku.ca) wrote:
>
>: I'd like to find out if it is possible to say install several machines to run
>: Linux and allow the public to use them. The problem I'm trying to resolve is I
>: need the machines to have access to a floppy drive, but I do not want anyone
>: to be able to boot the machine using their own floppy, and maybe gain access as
>: root.
>:
>: One solution I can think of is getting a machine that has a password protected
>: BIOS, and allows the change in the boot order with the hard drive first. I would
>: love to hear other ideas, if any do exist.
>
>Hmmm...you could hack the loader to refuse to load the kernel from
>diskette - that might be easier than spending the $$$ to get a machine with
>a password protected BIOS. If someone booted MS-DOS from a diskette,
>it wouldn't do them any good, anyway, 'cause you can't read a linux
>partition from MS-DOS. Not yet, anyway... :)
But that wouldn't stop someone with linux/minix boot and root file system
disks, booting from floppy and then mounting the hard disk.
The protected BIOS is the only real answer unless the linux partition was
encoded in some way that only the 'official' kernel could read.
-- *********************************************************************** * FLESH: Charlie Freckleton * JANET: csg203@uk.ac.cov.cck * * ALIAS: Bluebeard * or : stliaise@uk.ac.cov.cck * ***********************************************************************