[6521] in bugtraq
Re: obsd boot hack (boot-modified-kernel-attack)
daemon@ATHENA.MIT.EDU (Theo de Raadt)
Tue Apr 14 22:37:27 1998
Date: Tue, 14 Apr 1998 17:39:10 -0600
Reply-To: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
From: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
X-To: shipley@DIS.ORG
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 14 Apr 1998 02:47:58 PDT."
<199804140947.CAA25451@merde.dis.org>
You don't even need such a complicated kernel modification program to
do this:
> boot -d
Voila, you are in the kernel debugger.
Or, alternatively, make your own root filesystem and do:
> boot -a
[...]
root device? fd0a
> and create the file /etc/boot.conf and add a line
>
> boot bsd
>
> This will cause the system to automaticly boot and load
> the /bsd kernel with out issueing the user the option to
> load a alternitive kernel.
That's the suggested way of handling secure machines. I'm not sure if
we want to put a password system in there, it isn't clear if it will
help. We'll think about it.
