home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!usc!rpi!bu.edu!dartvax!coos.dartmouth.edu!platt
- From: platt@coos.dartmouth.edu (The Crouton Man)
- Newsgroups: comp.os.linux
- Subject: Re: Linus security/Non root access
- Message-ID: <1992Aug21.051117.17172@dartvax.dartmouth.edu>
- Date: 21 Aug 92 05:11:17 GMT
- References: <1409@yetti.UUCP> <1992Aug21.020626.20221@unislc.uucp>
- Sender: platt@coos.dartmouth.edu
- Organization: Dartmouth College, Hanover, NH
- Lines: 32
-
- In article <1992Aug21.020626.20221@unislc.uucp> erc@unislc.uucp (Ed Carp) writes:
- :Frank Pikelner (frank@cs.yorku.ca) wrote:
- :
- :: I'd like to find out if it is possible to say install several machines to run
- :: Linux and allow the public to use them. The problem I'm trying to resolve is I
- :: need the machines to have access to a floppy drive, but I do not want anyone
- :: to be able to boot the machine using their own floppy, and maybe gain access as
- :: root.
- ::
- :: One solution I can think of is getting a machine that has a password protected
- :: BIOS, and allows the change in the boot order with the hard drive first. I would
- :: love to hear other ideas, if any do exist.
- :
- :Hmmm...you could hack the loader to refuse to load the kernel from
- :diskette - that might be easier than spending the $$$ to get a machine with
- :a password protected BIOS. If someone booted MS-DOS from a diskette,
- :it wouldn't do them any good, anyway, 'cause you can't read a linux
- :partition from MS-DOS. Not yet, anyway... :)
- :
- :The loader code is in /usr/src/linux/boot/bootsect.S
-
- this will not work as someone can come along with a boot disk
- (make disk in the top of the source tree) with their own bootsect.S
- that has not been modified.
-
- the problem must be addressed from the boot-rom, such as the afore-mentioned
- passwd locking. even this might not do it, depending on the bios setup.
-
- my machine came with the passwd locking mechinism, but i have never
- explored it.
-
- croutons.
-
