On 9/20/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On Wed, 20 Sep 2006 17:41:04 +0300, Siim Pauder said: > > Is it possible to update BIOS memory from outside of BIOS? If so, then > > it would be possible to turn netboot off after compromising root. > > Sure. It's called "reflashing the BIOS", and happens every time you upgrade > the BIOS. (Smaller changes, like config changes, merely require poking stuff > into the NVRAM).
For some reason I think one or more of the *BSD variants has support for restricting the actions that root can take, which presumably includes preventing root from modifying the BIOS. I can't recall the name of the feature, though, and I doubt you could teach Windows 2000 a similar trick. Regards, Brian _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
