3 posts
Posted 30 August 2012 - 03:00 AM
Hello everyone!
I have a small feature request for the standard bios:
Right now CC computers have a nasty security bug because you can boot them from a malicious disk
my problem is that I want to make a access card system which activates something over rednet
(a client pc in which you insert the disk and a server which handles the authentication so you can hide the server somewhere - e.g. within a autarkic force field so nobody can access it - or just an obsidian cage)
but nothing prevents you from accessing the client, so someone could install a spy software on it
to prevent that a autorun file (just like the startup file) could be executed every time a disk is inserted
this autorun file could call os.reboot("side to boot from") which reboots the system and forces it to use the startup location specified
possible values could be any peripheral side or "internal" or something like that to boot from the internal startup file ("rom" to boot to a completely clean os would be nice too)
additionally you would not need a dedicated client pc at all because the disk could bring all necessary scripts with it and execute it on any computer!
the autorun function could also immediately eject the disk to prevent modification
the autorun functionality could easily be implemented in bios.lua
but I'm not sure about the reboot part because you need to store the parameter somehow :)/>/>
after doing a little better search, this would solve the problem in a even simpler way:
http://www.computercraft.info/forums2/index.php?/topic/765-14-allow-for-custom-shells-in-bioslua/page__p__5040__hl__autorun__fromsearch__1
I have a small feature request for the standard bios:
Right now CC computers have a nasty security bug because you can boot them from a malicious disk
my problem is that I want to make a access card system which activates something over rednet
(a client pc in which you insert the disk and a server which handles the authentication so you can hide the server somewhere - e.g. within a autarkic force field so nobody can access it - or just an obsidian cage)
but nothing prevents you from accessing the client, so someone could install a spy software on it
to prevent that a autorun file (just like the startup file) could be executed every time a disk is inserted
this autorun file could call os.reboot("side to boot from") which reboots the system and forces it to use the startup location specified
possible values could be any peripheral side or "internal" or something like that to boot from the internal startup file ("rom" to boot to a completely clean os would be nice too)
additionally you would not need a dedicated client pc at all because the disk could bring all necessary scripts with it and execute it on any computer!
the autorun function could also immediately eject the disk to prevent modification
the autorun functionality could easily be implemented in bios.lua
but I'm not sure about the reboot part because you need to store the parameter somehow :)/>/>
after doing a little better search, this would solve the problem in a even simpler way:
http://www.computercraft.info/forums2/index.php?/topic/765-14-allow-for-custom-shells-in-bioslua/page__p__5040__hl__autorun__fromsearch__1
