There needs to be a doc somewhere explaining the steps to achieve a setup that is as secure as possible when people are expected to have physical access to the computer.
1) Lock & alarm the case 2) Disable booting from CD, floppy, USB 3) Set a BIOS password 4) Set a grub password 5) Set a root password ... -- on fscheck a root shell is presented without password https://launchpad.net/bugs/66001 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs