On Thu, Feb 14, 2002 at 10:52:14AM -0500, Benjamin Scott wrote: > On Thu, 14 Feb 2002, Michael Costolo wrote: > > Just out of curiosity, doesn't Tom's Root Boot Disk do the same thing for > > Linux? > > Sure would. > > Repeat after me: "If physical security is lost, all security is lost." > > ;-)
"If physical security is lost, all security is lost." There. Happy? ;-) Seriously, and to diverge a bit from this thread, this does *not* however mean that console access implies lack of physical security. I had a debate on another list about usermode. Try this: o Login as a normal non-root user on the console of Red Hat 7.2 system with the usermode package installed, which I think is the default for a Workstation install. o Walk over to another machine on your network (after locking your screenm, of course) and ssh into that same box as the same user you are logged into on the console. o Type reboot as this non-root user and watch in horror as the system reboots. Yes, I did this and was caught totally of guard by it, as were many other people. Or maybe it was 7.1, I'm not sure. My theory is that you could conceivably lock a system in a safe-like enclosure under the floorboards of an employee's office with nothing but a keyboard, mouse, and video cables coming out and have reasonable physical security, but still give console access. (And, as a system administrator, there are *some* users that I think deserve this kind of setup. ;-)) With the kind of setup that usermode provides, you've essentially reduced the security of the entire system to depend on the security of the *user's* account. Consider this -- the user is logged into on the console and is not all that careful about the security of his password. Not that he writes on a yellow sticky that he has pasted on his monitor, but he is more than willing to use telnet instead of ssh to login to remote systems. Someone sniffs his password, logs into his system and halts it. His own fault? Yes. Preventable with a better default setup? Absolutely. Since it is configurable, documented, and it does still require bad behavior to exploit, it's not an absolutely horrible 'feature' to provide. But I just wish is wasn't the default setup. -- -Paul Iadonisi Senior System Administrator Red Hat Certified Engineer / Local Linux Lobbyist Ever see a penguin fly? -- Try Linux. GPL all the way: Sell services, don't lease secrets ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************
