[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SECURITY PROBLEM: autofs [all versions]

On Sat, Jul 01, 2000 at 09:11:41AM -0700, Erik wrote:
> > anytime someone has physical access to the machine...
> > you already have a security problem.... ( my definition )
> > 
> many people run labs of compupters, in which they need
> as much physical security as possible.  And dont say just reboot
> off of a floppy, cuz any decent lab will have the bios password
> protected, and boots directly from the HD without trying the
> floppy or CD.

How about a simple debconf question for those who want to allow suid
executables by default (why would anyone want to do that?) by default,
nosuid would be used.

> That was the problem discussed with MBR awhile back, that it gave the
> option of booting from something else anyways, but that, like this is
> considered something the admin should be informed of, but not done
> for them(i guess this might get done).

heh, this has been 'exploited' a few times, due to forgotten bios
password. =)

Regards, Sami Haahtinen

Reply to: