[1732] in linux-security and linux-alert archive
[linux-security] Re: New hack against BSD,
daemon@ATHENA.MIT.EDU (Marc SCHAEFER)
Tue Apr 14 04:37:07 1998
Date: Tue, 14 Apr 1998 09:22:25 +0200
From: Marc SCHAEFER <schaefer@alphanet.ch>
In-reply-to: <6gv2a3$vkk$1@vulcan.alphanet.ch>
To: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
In article <6gv2a3$vkk$1@vulcan.alphanet.ch> you wrote:
> Linux booted from LILO is not vulnerable, because bootable kernels must
put a floppy with the kernel
lilo: linux root=/dev/hda1 [where the root fs lies]
this causes the system to boot with the new kernel.
Note that you can also simply mount the root fs from a floppy.
This type of attack is possible (and many others) if you have
access to the console and a floppy drive.
Put a password on the BIOS, disable diskette booting, lock the
PC box so that noone can reset the CMOS, install Lilo so that
it does not accept user prompt anymore, and hope your BIOS
has no hidden passwords or side-effects.
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null