On Fri, Jul 11, 2003 at 10:56:26AM +1000, gregh wrote: > Am I being pedantic here? To my mind, if a password is required to use > the machine locally, it should automatically require the network > connection to be broken. XP goes back to the Welcome screen depending on > your settings or the NT looking username and password box you would all > know. I find it totally mystifying that a machine that is "protected" at > keyboard level by a password so people cant get into it and look up > sensitive info can still be gotten into at least by the local LAN and > info STILL gained. The problem here is if a disgruntled employee went > postal and knew this info, he/she could do what they want. I understand > the programs and data could be protected in other ways but it also hit me > that there must be quite a few small to medium companies living in a > delirious limbo like this, too. > > Any comments? Am I just pedantic or is this really a headbanger?
Here's a nickel, kid. Go buy yourself a real OS. Network accessibility and managing network access to sensitive resources has little -- I'm sorry, *no* -- relation to keyboard & monitor access. My main server at home (on which I'm writing this right now!) is screenlocked. If it was not network-accessible while it was screenlocked, I'd be SOL. I was playing with screenlocked UNIX systems thirteen years ago; said systems were perfectly accessible via the net. This is a feature, not a bug. -roy _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
