home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.sys.sgi
- Path: sparky!uunet!utcsri!torn!watserv1!watmath!rblander
- From: rblander@math.waterloo.edu (Robyn Landers)
- Subject: Re: indigo security
- Message-ID: <1992Jul23.185607.22177@math.waterloo.edu>
- Organization: University of Waterloo
- References: <1992Jul23.171949.5812@math.waterloo.edu>
- Date: Thu, 23 Jul 1992 18:56:07 GMT
- Lines: 30
-
- In article <1992Jul23.171949.5812@math.waterloo.edu> rblander@math.waterloo.edu (Robyn Landers) writes:
- > [...]
- >This means that the Indigos have to be in the same room
- >as the monitors, leaving them vulnerable to malicious students.
- > [...]
- > I've sifted through the IRIX Site Admin's Guide on Security and
- >PROM monitor and have seen no way to password-protect the PROM
- >monitor, enforce direct uninterruptable boot to multiuser using initstate,
- >(unless shut down nicely), or otherwise prevent such a break-in.
- >I also haven't seen anything like Sun's "secure" option in
- >/etc/ttytab to require root's password when booting single user.
- >
- > I really hope I've missed something.
- >Can anybody tell me what it is? Thanks.
-
-
- Aackk, of course there *is* a passwd command at the PROM
- monitor prompt which restricts access to the other 4 actions
- at the system maintenance level. Okay, so I was blind when
- I looked at the result of >> help
-
- However it does appear to be undocumented in the Site Admin Guide
- chapter on PROM monitor, and of course I'll welcome any other
- suggestions on security in this situation. (We're going to put
- an alarm cable on the metal bar that extends through the box,
- so the front panel can't be opened exposing the reset button.)
-
-
- Robyn
- MFCF, UofWaterloo
-
