> > The best thing to do is take the nit support out of the kernel and > remove /dev/nit. Now someone would have to build a new kernel and > reboot the machine to replace the nit support. > > If you are overly concerned about this, you can set the boot device > (in the rom monitor on a sparc) to boot off of some other disk, one > that is not bootable or not there. Then a reboot/fastboot/shutdown > -r/etc will not be able to automatically bring the system up. I don't > believe that you can specify boot devices from a unix reboot type > command. is it not possible for a hacker to set his own boot device before performing his reboot, and then reset it back to whatever-it-was later? ie by messing with /dev/openprom or whatever its called -- ------------------------------------------+----------------------------------- Mailed using ELM on FreeBSD | Karl Strickland PGP 2.3a Public Key Available. | Internet: karl@bagpuss.demon.co.uk |