svn commit: r337834 - in head: sbin/init stand/man
Edward Tomasz Napierala
trasz at FreeBSD.org
Wed Aug 15 08:45:07 UTC 2018
Author: trasz
Date: Wed Aug 15 08:45:05 2018
New Revision: 337834
URL: https://svnweb.freebsd.org/changeset/base/337834
Log:
Add SECURITY section to loader(8).
Reviewed by: bcr, jilles, imp (earlier version)
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D16700
Modified:
head/sbin/init/init.8
head/stand/man/loader.8
Modified: head/sbin/init/init.8
==============================================================================
--- head/sbin/init/init.8 Wed Aug 15 06:42:31 2018 (r337833)
+++ head/sbin/init/init.8 Wed Aug 15 08:45:05 2018 (r337834)
@@ -31,7 +31,7 @@
.\" @(#)init.8 8.3 (Berkeley) 4/18/94
.\" $FreeBSD$
.\"
-.Dd August 14, 2018
+.Dd August 15, 2018
.Dt INIT 8
.Os
.Sh NAME
@@ -86,6 +86,15 @@ The password check is skipped if the
.Em console
is marked as
.Dq secure .
+Note that the password check does not protect from variables
+such as
+.Va init_script
+being set from the
+.Xr loader 8
+command line; see the
+.Sx SECURITY
+section of
+.Xr loader 8 .
.Pp
If the system security level (see
.Xr security 7 )
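Review bot: The added note after the "secure" console sentence names only init_script, while the SECURITY section added to loader.8 in this same commit lists init_path alongside it as a way to run a chosen binary. Consider naming both here, so a reader who stops at init(8) does not conclude that only one variable matters. "Does not protect against" would also read more naturally than "does not protect from".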
Modified: head/stand/man/loader.8
==============================================================================
--- head/stand/man/loader.8 Wed Aug 15 06:42:31 2018 (r337833)
+++ head/stand/man/loader.8 Wed Aug 15 08:45:05 2018 (r337834)
@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd August 14, 2018
+.Dd August 15, 2018
.Dt LOADER 8
.Os
.Sh NAME
@@ -945,6 +945,42 @@ version at compile time.
.Nm
version.
.El
+.Sh SECURITY
+Access to the
+.Nm
+command line provides several ways of compromising system security,
+including, but not limited to:
+.Pp
+.Bl -bullet -compact
+.It
+Booting from removable storage, by setting the
+.Va currdev
+or
+.Va loaddev
+variables
+.It
+Executing binary of choice, by setting the
+.Va init_path
+or
+.Va init_script
+variables
+.It
+Overriding ACPI DSDT to inject arbitrary code into the ACPI subsystem
+.El
+.Pp
+One can prevent unauthorized access
+to the
+.Nm
+command line by setting the
+.Va password ,
+or setting
+.Va autoboot_delay
+to -1.
+See
+.Xr loader.conf 5
+for details.
+In order for this to be effective, one should also configure the firmware
+(BIOS or UEFI) to prevent booting from unauthorized devices.
.Sh FILES
.Bl -tag -width /usr/share/examples/bootforth/ -compact
.It Pa /boot/loader
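Review bot: In the closing paragraph of the new SECURITY section, "setting the password, or setting autoboot_delay to -1" presents the two settings as interchangeable without saying what either does. A short clause for each would help, in particular for what the value -1 means, since the reader is otherwise sent to loader.conf(5) to learn why it blocks command line access. It would also help to say that both are set in loader.conf rather than only citing the page "for details". Minor wording: the second bullet needs an article ("Executing a binary of choice"), and the comma after ".Va password ," before "or" can go.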