On Sunday 25 February 2007 20:32, John Andersen wrote:
> Any necessity to acquire root authority to suspend a laptop is
> a hold over from a bygone era.
>
> The rest of your rant is totally based on this misguided idea
> so I won't bother a point by point analysis.
I'll give you a real world example (however trivial) that may
illustrate my
point a little better. I manage a network, and a home network, where I
connect my laptop via wifi and sometimes share it with other users. While my
son is using the laptop (for instance) I am also logged into it (sometimes
with a remote desk) from my den. I do not want him to be able to shutdown the
machine (or suspend it, or hibernate it) while I'm logged into it. In fact, I
don't want him to be able to alter that machine in the slightest. He is
allowed to signon to it, use it for the purpose we have intended for it, play
in his own virtual address space to his hearts content, and then log out. I
need to be able to monitor his activity, and access my own resources often at
the same time. So, that machine suspends or hibernates only with my own
authority (sudo / root). However, as Patrick and Benjamin have pointed out...
this is the default for good reason... but it can be easily modified as the
situation warrants. The thing I try to encourage (and probably from my
security paranoia days at IBM) is that the default should be *locked down*
and then opened as warranted... instead of the windoze paradigm which leaves
the entire system open (say backdoors, front doors, screen doors, holes in
the foundation, leaks in the roof... etc) only closing them under presure as
crackers exploit them one by one by one. Its not a rant, and its not a
soapbox... its just a paradigm shift.
--
Kind regards,
M Harris <><
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
