Re: [aclug-L] Physical Security of Linux Boxen
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
I've done some work setting up things in this situation at WSU.
Things to keep in mind:
1) Use a distribution that uses secure-su, meaning that it requires
a password before entering single-user mode.
2) Disable boot from floppy capability in your BIOS.
3) Password protect the BIOS.
4) Password protect your LILO.
If you need more info, feel free to ask.
"Cory T. Lamb" <ctl4u@xxxxxxxxxxxx> writes:
> In looking at a "linux-lab" project I only see one MAJOR problem... That
> is single user mode... It seems that you can get into single user mode
> without the root-passwd as long as you can reboot the box, is this true?
> Is there any file I can edit to stop this? How can labs be run
> securely with this "feature". My machines will be as physically secure as
> possible but if they are dual-boot anyone can get root access... This
> would be VERY BAD! Any suggestions would be appreciated.
> TIA.
> ~Cory
>
>
> ------=.=.=.==.=.=.=------
> | Cory T. Lamb |
> | *** |
> | Unix Admin |
> | Techno-Janitor |
> | Bethel College IMS |
> | 316.284.5214 |
> | ctl4u@xxxxxxxxxxxx |
> ------=.=.=.==.=.=.=------
>
>
--
John Goerzen Linux, Unix consulting & programming jgoerzen@xxxxxxxxxxxx |
Developer, Debian GNU/Linux (Free powerful OS upgrade) www.debian.org |
----------------------------------------------------------------------------+
The 60,007,821st prime number is 1,190,658,263.
|
|
