Full Disclosure mailing list archives

Re: AFS - The Ultimate Sulution?

From: "Brian Eaton" <eaton.lists () gmail com>
Date: Wed, 20 Sep 2006 13:33:48 -0400

On 9/20/06, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:

On Wed, 20 Sep 2006 17:41:04 +0300, Siim Pauder said:

Is it possible to update BIOS memory from outside of BIOS? If so, then
it would be possible to turn netboot off after compromising root.


Sure.  It's called "reflashing the BIOS", and happens every time you upgrade
the BIOS. (Smaller changes, like config changes, merely require poking stuff
into the NVRAM).


For some reason I think one or more of the *BSD variants has support
for restricting the actions that root can take, which presumably
includes preventing root from modifying the BIOS.  I can't recall the
name of the feature, though, and I doubt you could teach Windows 2000
a similar trick.

Regards,
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

AFS - The Ultimate Sulution? Paul Sebastian Ziegler (Sep 14)
- Re: AFS - The Ultimate Sulution? Denis Jedig (Sep 17)
- <Possible follow-ups>
- Re: AFS - The Ultimate Sulution? マグロ原子 (Sep 20)
  - Re: AFS - The Ultimate Sulution? Paul Sebastian Ziegler (Sep 20)
    - Re: AFS - The Ultimate Sulution? Siim Põder (Sep 20)
    - Re: AFS - The Ultimate Sulution? Valdis . Kletnieks (Sep 20)
    - Re: AFS - The Ultimate Sulution? Brian Eaton (Sep 20)
    - Re: AFS - The Ultimate Sulution? Valdis . Kletnieks (Sep 20)