On Oct 4, 2006, at 11:11 AM, brian (at) clearware (dot) org [email concealed] wrote:
> I just recently installed Boot Camp 1.1.1 on my Intel based MacBook
> and have some initial observations regarding security.
>
> Windows was installed on an NTFS partition for better file level
> security. However, booting to another operating system bypasses
> Windows security. This becomes evident when in Mac OS X and you
> see the Windows drive on the desktop. Files on the Windows drive
> can be easily viewed and copied while bypassing the NTFS file
> permissions. This introduces the following risks:
>
> 1. Disclosure of information (including data stored in the user's
> profile such as Outlook data files and synchronized network folders)
> 2. Brute forcing the Windows SAM for user passwords that mnay be
> used on other systems
>
> In Mac OS X, is it possible to only allow access to the Windows
> drive from specified OS X users?
The only option you probably have is to prevent automatic mounting of
the partition itself by the Finder. Usually it is accomplished by
editing the fstab table. Note, though anyone who knows that the
partition exists could mount it. It will also appear in the BSD file
system tree, it is only not visible in the Finder. The entry is
similar to:
>
> While booting the MacBook I can press the option key to select
> which drive to boot from. Is it possible to password protect this
> feature? Is it also possible to require a password to boot from CD?
>
Open firmware password. It will prevent using the option key, or any
target keys. Note though, that this is easily defeated on a laptop,
as only a physical change in memory, with PRAM resets (3x) will
remove the password.
> Brian
-----------------------------
Philip Rinehart
Systems Programmer, ITS Desktop Technologies
203-432-6573
philip.rinehart (at) yale (dot) edu [email concealed]
On Oct 4, 2006, at 11:11 AM, brian (at) clearware (dot) org [email concealed] wrote:
> I just recently installed Boot Camp 1.1.1 on my Intel based MacBook
> and have some initial observations regarding security.
>
> Windows was installed on an NTFS partition for better file level
> security. However, booting to another operating system bypasses
> Windows security. This becomes evident when in Mac OS X and you
> see the Windows drive on the desktop. Files on the Windows drive
> can be easily viewed and copied while bypassing the NTFS file
> permissions. This introduces the following risks:
>
> 1. Disclosure of information (including data stored in the user's
> profile such as Outlook data files and synchronized network folders)
> 2. Brute forcing the Windows SAM for user passwords that mnay be
> used on other systems
>
> In Mac OS X, is it possible to only allow access to the Windows
> drive from specified OS X users?
The only option you probably have is to prevent automatic mounting of
the partition itself by the Finder. Usually it is accomplished by
editing the fstab table. Note, though anyone who knows that the
partition exists could mount it. It will also appear in the BSD file
system tree, it is only not visible in the Finder. The entry is
similar to:
UUID=6370DDFB-EFBA-3E46-85BD-BE4584AEE328 /Support hfs
rw,auto,nobrowse 0 0
>
> While booting the MacBook I can press the option key to select
> which drive to boot from. Is it possible to password protect this
> feature? Is it also possible to require a password to boot from CD?
>
Open firmware password. It will prevent using the option key, or any
target keys. Note though, that this is easily defeated on a laptop,
as only a physical change in memory, with PRAM resets (3x) will
remove the password.
> Brian
-----------------------------
Philip Rinehart
Systems Programmer, ITS Desktop Technologies
203-432-6573
philip.rinehart (at) yale (dot) edu [email concealed]
[ reply ]