
Re: Protecting root security



You can buy a REAL server, e.g. the Compaq server line, which can be locked completely
and only unlocked by a license disk or a bootpasswd.

On 19-May-99 Marek Habersack wrote:
> * Koyote said:
> 
>> >so that root password, or some other verification system is required,
>> >before a reinstall is permitted.  It is true that compromising a system
>> >this way requires unfettered access to the box.   However as Linux is
>> >used more and more in commercial environments this issue will need to be
>> >addressed.
>> 
>> 
>> If you think about it- this is no different than windows: power off,
>> insert cdrom or disk one and power on.
>> 
>> I don't think that there is any good answer for this. Workarounds
>> abound, for the paranoid: you can wire a hidden switch that must be
>> reset by hand after a power off (uses a small electromagnet to
>> maintain on status) that controls power to all drives.
>> You can lock the computer, so that no one can get to the drives.
>> You can set up a computer that is not bootable from cdrom, and remove
>> the floppy drive (install it when you need to do a full
>> install.)...(and no, I have no idea how to make the cdrom unbootable
>> on a linux pc. I'll learn sooner or later.)
> If one wants to go through so much trouble instead of disallowing physical
> access, he can spend several $ to buy a device which requires a magnetic, or
> chip card to gain access to any device in the machine. The chip cards use a
> one-time password scheme to prevent password spoofing - I think DEC sells
> such devices, but don't quote me. Such a device has one disadvantage - the
> server won't reboot on its own when anything fails - it will wait till
> someone with enough privilege comes and inserts the chip card to finish the
> reboot process. It can be overcome by using a watchdog hardware card which
> would be connected in such a way, that the security system would allow
> full system reboot ONLY if initialized by the watchdog hardware. But still,
> it's much less security than putting the server away from anybody's hands.
> 
> 
>>     If someone wants to workaround these safety features, they can
>> just dismount your hdd and leave, anyway.
> Exactly.
> 
>>     If you are talking about having a password resident in your boot
>> sector or some such soft password, I just come in and boot a floppy
>> that deletes it before loading your system. Sort of.
> One-time passwords can help. 
> 
> regards,
>   marek

----------------------------------
E-Mail: Rune Linding Raun <linding@bigfoot.com>
Date: 19-May-99
Time: 16:00:15

This message was sent by XFMail
----------------------------------

