From: jsr@dexter.mi.org (Jay S. Rouman) Subject: Re: Linus security/Non root access Date: Fri, 21 Aug 1992 17:29:48 GMT
In article <1992Aug21.041250.21094@ns1.cc.lehigh.edu> jjk1@ns1.cc.lehigh.edu (Konsultant Josh/fuzzy.happy.green.box) writes:
>Yes, anyone will be able to get into your system as root by booting
>from floppy (this discussion came up a while ago, and we have some
>very strongly opinionated people as to what should be done :-).
> [...]
>The "best" solution seems to be going with the password-protected
>BIOS.
This is essentially what Sun does. It's a passworded boot prom, but
the effect is the same. However, keep in mind that once someone has
physical access to a machine, most of the security battle is already
lost. They can always remove the disk drive and move it to another
machine, if they can't get around your password system. I have been
taught to make the machine as secure as possible from dialin and
network attacks and let it go at that. If the bad guy has physical
access, it's only a matter of time.
-- Jay S. Rouman (jsr@dexter.mi.org)