|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Fabrice MARIE (fabrice
celestix.com)Date: Thu Oct 11 2001 - 02:52:16 CDT
Hi,
On Thursday 11 October 2001 03:18, Jose Nazario wrote:
> thats very true, yes. however, LIDS can be used to prevent this, so that
> with kernel settings (which require a reboot to effect) even root cannot
> make modifications, no matter what they try, not until these kernel flags
> are cleared and the system rebooted. couple that to firmware/BIOS level
> passwords, and you're set. you can build up a trusted computing base this
> way. something to consider. and sorry for any confusion earlier, thanks for
> requesting the clarification.
I like very much RSBAC for it's desing/power :
http://www.rsbac.org/
You can administer your box using roles (among others
but roles are powerful and simple...) to prevent
fools from playing around or simply to prevent admin's typos from
becoming a disaster.
Have a nice day,
Fabrice.
-- Fabrice MARIE Senior R&D Engineer Celestix Networks http://www.celestix.com/"Silly hacker, root is for administrators" -Unknown
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]