Bugtraq mailing list archives
Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53)
From: darren.moffat () UK Sun COM (Darren J Moffat - SunService ETZ-N OS Product Support Group)
Date: Tue, 14 Jul 1998 09:50:12 +0100
Just to make sure there is no confusion: full-mode: in the OBP means the password is required for all OBP actions including booting the system command-mode: is for any OBP action that passes new parameters to the boot command or attempts to do anything other than go (or continue in old-mode). If you want to actually stop the break being sent at all then under Solaris 2.6 you can do this by running: `kbd -a disable` If you want to permanently change the software default effect of the keyboard abort sequence, you can add or change the current value of the KEYBOARD_ABORT variable to the value disable in the keyboard default file, /etc/default/kbd, as shown here. KEYBOARD_ABORT=disable Some server systems have key switches with a 'secure' key position that can be read by system software. This key position overrides the normal default of the keyboard abort sequence effect, and changes the default so the effect is 'disabled'. On these systems, when the key switch is in the secure position, the keyboard abort sequence effect cannot be overridden by the software default which is settable with this command. I would recommend that ALL hosts have at least command-mode set if there is the possibility that an untrust worth user has physical access. In the case of servers with a key - take the key out and put it in the safe as well! Prior to Solaris 2.6 there is a consulting special option available from Sun Profesional Services. -- Darren J Moffat
Current thread:
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) James Bonfield (Jul 13)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Leendert van Doorn (Jul 13)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Aggelos P. Varvitsiotis (Jul 14)
- <Possible follow-ups>
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Dr. Mudge (Jul 13)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Darren J Moffat - SunService ETZ-N OS Product Support Group (Jul 14)
- Linux and world-writable /tmp - UPDATE (fwd) Michal Zalewski (Jul 11)
- Berkley DB problem in slackware distribution Martin Bene (Jul 16)
- Re: Linux and world-writable /tmp - UPDATE (fwd) Olaf Kirch (Jul 16)
- Re: Linux and world-writable /tmp - UPDATE (fwd) Michal Zalewski (Jul 12)
- Linux and world-writable /tmp - UPDATE (fwd) Michal Zalewski (Jul 11)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Eric Johnson (Jul 15)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Casper Dik (Jul 15)
- S.A.F.E.R. Security Bulletin 980708.DOS.1.1 Security Research Team (Jul 16)
- Sun Security Bulletin #00172 (fwd) joshua grubman (Jul 15)