[239] in linux-security and linux-alert archive
Securing the console of a linux system, given a secure boot
daemon@ATHENA.MIT.EDU (Nigel Metheringham)
Wed May 17 13:48:43 1995
To: linux-security@tarsier.cv.nrao.edu
Date: Tue, 16 May 1995 18:30:20 +0200
From: Nigel Metheringham <nigelm@ohm.york.ac.uk>
We run a set of PCs here that are net booted using bootp via a ROM on the net
card [the specific one is Dirk Koppen's TCP/IP boot ROM]. Currently we boot
them into DOS/Windows.
This boot ROM has the capability to disallow floppy booting and since these
machines have no hard drive in them it is difficult to boot them other than
off the network. I have experimented with some success with a method of
booting Linux across the network using an NFS mounted root partition, and
think I could get this working successfully for a lab of machines
(experiments were done with a single slightly differently configured system).
The intention is to run the systems as X terminals with the local Sun
servers supporting them using Xdm. [There will be an alternative boot config
to the current DOS/Windows setup - shame! - the boot ROM supports a choice
from a menu of boot images]
Given this sort of setup, can anyone see any major hole which our students
could march through and thus get root access on the network (those machines
have filesystem access for their DOS/Windows PC/NFS configuration)?
Or, to rephrase the same question: if I can basically boot the system
securely, and a halt/reboot is caught securely, can a Linux console be
made/considered secure?
Nigel.
[Before I get a flood of queries, I am intending to write up how we netboot
Linux to a diskless system. When I do so I'll either copy it to, or put a
pointer to the announce list]
- Nigel Metheringham -- EMail: nm4@unix.york.ac.uk nigelm@ohm.york.ac.uk -
- System Administrator, Electronics Dept, University of York, York YO1 5DD -
- Tel: +44 1904 432374, Fax: +44 1904 432335 | PGP key available from WWW -
- WWW: http://www.amp.york.ac.uk/~nm4/ | -
[Mod: Please reply to author. Nigel, could you post a summary of any
decent responses you get regarding the Linux-booting portion and any
security issues it raises (or solves)? This is an interesting twist to
the long-standing problem of securing a Linux console. --Jeff.]