[syslinux] problem with PXElinux and security of local LAN

[Jason Keltz]

Hi.

I want to use PXELinux to build a dynamic boot menu for a computer lab. 
  Sometimes, the machines need to be in Linux mode/Windows mode/allow 
the option of Linux/Windows.  I configured this all fine with PXELinux. 
  My problem is really one of security.  Someone can plug in a laptop 
with a DHCP server, and tftp server and fake a lab machine to boot into 
any mode they desire, or even worse, they could configure the local 
machine to boot Linux in single user mode, and hence allow access to 
root, local ssh keys, etc.  I can't really think of any easy way how to 
solve this problem since there is no way to authenticate the PXELinux 
instance that is loading or the configuration files.   Any ideas?  A 
locally configured grub could do the same thing, of course, but using 
pxelinux, I can change the configuration of machines that are off so 
that when they come back on, they are in the mode that I desire.

:(

Jason.