current-users: Re: Ctrl+Alt+Esc = db>

Subject: Re: Ctrl+Alt+Esc = db>
To: Robert P. Thille <rthille@mac.com>
From: Roland Dowdeswell <elric@imrryr.org>
List: current-users
Date: 01/26/2003 18:51:11

On 1043624666 seconds since the Beginning of the UNIX epoch
"Robert P. Thille" wrote:
>

>I should hope that it's possible to secure a box if the attacker only 
>has access to the keyboard & display.  ie, it's a kiosk machine, that 
>the actual computer is locked away in a steel box.

It should be secure, if you turn the debugger off either via sysctl:

	# sysctl -w ddb.opanic=0
	# sysctl -w ddb.fromconsole=0

or compile a kernel which doesn't have a debugger.

As well as take care of all the security concerns in the firmware,
etc.

--
    Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/