On 12 Oct 2005 12:46:27 -0400, Jon Carnes <[EMAIL PROTECTED]> wrote:
How do you stop folks from gaining root if they have physical access
to the machine? Or are you assuming they don't have Linux knowledge?
Douglas Ward wrote:
I am assuming that they don't have any Linux knowledge. I don't think
there are very many computer savvy folks out there. At least I hope not...
I think it's a pretty safe assumption that Douglas is making. The basic
idea here being the same as most locks: you're trying to keep the honest
people honest. You can go one step further, and setup a password on the
boot loader, use a bios password, and physically secure the cases under
lock and key (or just solder the bios jumper leads together and super
glue the cmos and battery into their sockets, if you're really crazy).
Either of these overly-dramatic steps will keep all but the most
determined people from doing any real harm.
Also, people keep mentioning 100Mhz P1s with 128MBs of ram. I'd just
like to point out that in the realm of 100Mhz Pentiums, 32MBs of ram was
a lot. If you get back into 100Mhz 486-DX machines you're looking at
16MBs of ram. As people have also pointed out, this isn't going to run
much of a modern Gnome or KDE implementation. You'll need to go with a
stripped down windowing environment, and doing that by hand (though
possible with a modern distro) is painful, at best. Using a small or
easily stripped-down distro is probably best. Also, since you don't
have Internet (or really local) security concerns, you might reasonably
consider going with a significantly old distro, something from the
RedHat 7.x era or even 6.x. Generally speaking, the 7.x series redhat
distros will run on very minimal hardware, with Gnome, and you'll still
*probably* be able to build (note I said build, not simply install a
binary) for the latest versions of OpenOffice. All of the above is true
for comparable Mandrake versions as well, if you're more comfortable in
that realm. In practice, running a slim yet newer distro is probably
better, but only to the extent to which you're familiar enough with it
to support it from an email box on the other side of the planet.
Aaron S. Joyner
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
