On Fri, Sep 15, 2000 at 01:21:59PM +1000, Stephen Mills wrote:
> 1) be reminded that if a person has physical access to your linux machine,
> they can usually have full access to all information within a few mins with
> a boot floppy
>
> 2) you can set a password on the lilo prompt to prevent them from booting an
> image without the proper password, but rule 1 still applies, check out
> /usr/doc/lilo-* for more info
>
> 3) put your server under lock and key if its a problem
or in a lab-like environment:
set to only boot from harddrive
password protect the bios
password protect lilo
padlock the case closed (or put the case in a lockable steel cage)
(*make sure people can't just poke the 5.25 cover off, and reach in
anyway*)
make sure that the machine boots to sulogin on single user
(ie: failed fsck)
and then you should be reasonably safe. floppy / cdrom can be accessed
using the normal permissions (don't allow suid or devices on those
media tho..)
--
- Gus
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
