Subject: switch to fully dynamic and security
To: None <tech-userlevel@netbsd.org>
From: Emmanuel Dreyfus <manu@netbsd.org>
List: tech-userlevel
Date: 10/20/2002 09:40:30
Hi all
It seems to me that we lowered the security of the system when switching
to fully dynamic:
If we consider the case of someone having access to the console but not
to the floppy/cdrom/whatever (I have such machines in a computer room,
locked in a desk), previously, if you disabled ddb from the keyboard and
if you set the console as insecure in /etc/ttys, it was not possible to
get root by rebooting the machine and doing boot -s: init asked for the
root password.
Now, it is possible to tell init path to the kernel at boot time using
-a. I have not tried it yet, but it probably means that someone can
reboot the machine and request the kernel to lookup init here: /bin/sh,
thus bypassing any insecure console setting.
We lowered a bit our security, here, didn't we?
--
Emmanuel Dreyfus.
JavaScript est encapsule dans HTML, qui encapsulait
deja pas mal d'autres conneries comme ca.
manu@netbsd.org