Re: join us!
"Kurt Seifried" wrote:
...
>Problem: user can enter Lilo commands at the Lilo prompt
...
>Additional solution: remove/replace password in lilo.conf after setting it
>(i.e. set password, run lilo, remove password).
You may not have noticed mbr:
bash-2.04$ dpkg --status mbr
Package: mbr
Status: install ok installed
Priority: required
Section: base
Installed-Size: 42
Maintainer: Santiago Vila <sanvila@ctv.es>
Version: 1.1.2-1
Description: Master Boot Record for IBM-PC compatible computers.
This is used in booting Linux from the hard disk.
The MBR runs first, then transfers control to LILO, which transfers
control to the Linux kernel.
As far as I can see, install-mbr can be used to second-guess the BIOS
on available boot devices, and by default allows one to boot from floppy
even if the BIOS has floppy-booting disabled (or after the hard disk).
You get the mbr prompt if you press Ctrl too early when waiting for
the lilo prompt.
If you are making a big thing of security against those with physical
access, you need to mention this package, which is required and is
silently installed in a Debian installation. (It exists because the
standard pc MBR is a non-free Microsoft product.)
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight http://www.lfix.co.uk/oliver
PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
" ...Take heed, and beware of covetousness; for a man's
life consisteth not in the abundance of the things
which he possesseth." Luke 12:15
Reply to:
- References:
- Re: join us!
- From: "Kurt Seifried" <seifried@securityportal.com>