SUMMARY: Sun ULTRA 20 and BIOS password security hole
Olaf.Hopp at atis.uka.de
Fri Mar 3 07:26:55 EST 2006
Olaf Hopp wrote:
> Dear Collegues,
> is anybody running the new Opteron Workstations Ultra20 in an open
> classroom ? You can lock down the access to the BIOS via a BIOS password.
> But when the system boots it still allows you to press <F8>-Key and
> select a boot device - and (that's the problem) it allows you
> to boot from that device WITHOUT entering the BIOS password.
> This is even true when you disable booting from CD/DVD within
> the BIOS.
> So pressing F8 lets you always boot from any device without password.
> And this makes it impossilble for me to put them into an open classroom,
> where any student can reach control over the maschine with a stupid
> Did I overlooked something in the BIOS ?
> I can't believe that SUN delivers a maschine with such a security hole.
> Hardware: SUN Ultra20
> BIOS-Version: 2.1.7 (seems to be the latest one)
Sorry, not a lot of responses:
Somebody (from SUN) mentioned to disable CD-booting within the
BIOS. But this does not help: my BIOS says boot from network only.
But when pressing the F8 key you can pick any boot device :-(
Somebody mentioned not to worry about it and to "educate" those
students. Well I wish I had his students. Since those are
students in computer science the know how to hack and to hide it
from me. If there is a hole, they will find it.
And there was a "me too":
the W1100z seems to have the same bug, sorry feature.
Hello SUN - wake up! The good old OBP-OK-Prompt on SPARC asks
for a password when I type "boot cdrom" at the OK prompt.
_-\<,_ Dipl.-Geophys. Olaf Hopp
(_)/ (_) ATIS - Abteilung Technische Infrastruktur
University of Karlsruhe EMail: Olaf.Hopp at atis.uka.de
Faculty of Computer Science WWW : http://www.atis.uka.de
Building 50.34 Room-No. 009
Am Fasanengarten 5 Fon : +49 (721) 608-3973
D-76131 Karlsruhe / Germany Fax : +49 (721) 608-6699
[demime 1.01b removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
More information about the sunmanagers