Subject: Re: Ctrl+Alt+Esc = db>
To: None <>
From: Harry Waddell <>
List: current-users
Date: 01/26/2003 18:01:21
On Mon, 27 Jan 2003 01:06:40 +0100
Christian Biere <> wrote:

> Roland Dowdeswell <> wrote:
> > It should be secure, if you turn the debugger off either via sysctl:
> > 
> > 	# sysctl -w ddb.opanic=0
> > 	# sysctl -w ddb.fromconsole=0
> > 
> > or compile a kernel which doesn't have a debugger.
> Actually, you could have a look at GNATS to find a way to crash NetBSD.
> If you don't find a software way, you could use a more brutal way like
> pulling the plug or make it go overheat. Then you can boot the machine
> into single-user mode... I think, it's pretty hard to stealth a PC
> against local attacks.

A couple good points, but ideally one would have at least some degree of
physical security that would prevent someone from pulling the plug, etc...
Even a bank atm machine left unattended long enough will succumb to a
crow bar. 

At the risk of sounding really dumb, since I haven't really thought this
through, but if the kiosk is running an application, couldn't one use a
non-concole usb keyboard and wrap the application in a shell script
such that wsconscfg would attach and detach the keyboard before and after
the application runs?

Harry Waddell
Caravan Electronic Publishing

"Well done is better than well said." - Benjamin Franklin