Hi, Aside from the fact that it left me quite flabbergasted for quite some time, mudge's OBP memory manipulation for aquiring root priviledges poses a serious risk for environments where SUN workstation consoles are easily accesible to unpriviledged individuals, such as university labs. An easy and quick work-around that avoids granting just anybody at the console the ability to "Stop-A" and drop into OBP, is to enable the "security-mode" and "security-password" variables within OBP. Changing the default value of "security-mode" from 'none' to 'full', forces a user who tries to halt the system to authenticate against the password defined in "security-password" before having access to the OBP command line. Again, mudge never stops to amaze.... Regards, Jericho.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:03:15 PDT