Re: nfs mounts / su / yp

From: Alfred Perlstein (bright@wintelcom.net)
Date: 05/14/01


Date: Mon, 14 May 2001 12:43:27 -0700
From: Alfred Perlstein <bright@wintelcom.net>
To: Erik Trulsson <ertr1013@student.uu.se>


* Erik Trulsson <ertr1013@student.uu.se> [010514 12:39] wrote:
> On Mon, May 14, 2001 at 12:26:50PM -0700, Alfred Perlstein wrote:
> >
> > FreeBSD has securelevels, while not ideal, if implemented properly
> > they can limit what root can do.
>
> Yes, but if users have physical access to the machine they can always reboot
> into single user mode. In that case securelevels don't help.
>
> It is very difficult to secure a machine completely if users have physical
> access to it.

My apologies, I didn't realize you were talking about physical access.

-- 
-Alfred Perlstein - [alfred@freebsd.org]
http://www.egr.unlv.edu/~slumos/on-netbsd.html
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages

  • Re: nfs mounts / su / yp
    ... I think the problem is that a local root should mean only local ... >> circumvented when the user gets root access. ... but if users have physical access to the machine they can always reboot ... In that case securelevels don't help. ...
    (FreeBSD-Security)
  • procfs + chmod = no go
    ... I was wondering if it was possible to limit user access on /proc ... without having to use securelevels. ... Is this possible on FreeBSD 4.9? ... To unsubscribe, ...
    (FreeBSD-Security)