Re: [linux-security] New hack against BSD,Linux is _mostly_ safe from it.

[Marc SCHAEFER <schaefer alphanet ch>]

In article <6gv2a3$vkk$1 vulcan alphanet ch> you wrote:
> Linux booted from LILO is not vulnerable, because bootable kernels must

put a floppy with the kernel
lilo: linux root=/dev/hda1 [where the root fs lies]

this causes the system to boot with the new kernel.

Note that you can also simply mount the root fs from a floppy.

This type of attack is possible (and many others) if you have
access to the console and a floppy drive.

Put a password on the BIOS, disable diskette booting, lock the
PC box so that noone can reset the CMOS, install Lilo so that
it does not accept user prompt anymore, and hope your BIOS
has no hidden passwords or side-effects.