Return to BSD News archive
Newsgroups: comp.os.386bsd.questions Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!agate!usenet.ins.cwru.edu!news.csuohio.edu!stever From: stever@csuohio.edu (Steve Ratliff) Subject: Re: Security question Message-ID: <1993Dec4.065700.11472@news.csuohio.edu> Sender: news@news.csuohio.edu (USENET News System) Organization: Cleveland State University X-Newsreader: Tin 1.1 PL5 References: <2dodgn$s9s@bigboote.WPI.EDU> Date: Sat, 4 Dec 1993 06:57:00 GMT Lines: 17 Henry R McTague (hmctague@wpi.edu) wrote: : How do you assure the security of PC running FreeBSD, and being used : as an X windows workstation? During the boot process, I can escape into : single user mode as root. Now I can remount the file system as r/w and : change the root password. For that matter, I can do almost anything I want. : Essentially I am asking, how can you assure security when anyone has access : to the console? : : == hmctague@wpi.edu == : == Henry R McTague == Basically, with the PC architecture you can't win. Even if you could prevent single user booting somebody could boot off a floppy and do whatever they like. The key point is that you have to ensure that nobody has physical access to the console. You put the FreeBSD system into a locked room and only allow access over the wire from for example tecktronix Xwindow terminals in another room. You could also setup diskless bootp systems that nfs mount from a secured server.