I was just thinking about something and realized I forgot to include it in
my previous e-mail...

One of the major security flaws with Linux when it comes to physical
access is LILO being terribly insecure about dropping to single-user
mode, etc.

It seems to me an obvious path to take would be if a group of users got
together and laid down ideas, taking ideas from outside as well, as to how
LILO should behave and what it should do, then form a spec, and design
it...

While people rarely think about LILO much it seems, and it's a relatively
simple part of Linux I suppose, when you consider it's the first thing
that loads related to Linux, it would seem to me that far more thought and
whatnot should be given to it...

Physical security is useless if software itself is so flawed that one can
simply boot to a passwordless o/s that allows an incredible amount of
access to hardware immediately.

Why not rewrite, or update, LILO and call it SLILO (Secure LILO)?

Sounds good to me anyways... anyone else know if this has already been
done?

                                                -macker

BTW, feel free to e-mail me off-list concerning this...  I could probably
even rig a separate mailing list, website, etc. for it if there's enough
interest in this.

