On Tue, May 10, 2005 at 05:39:25PM +0200, Gerhard Schrenk wrote: > * Martin Quinson <[EMAIL PROTECTED]> [2005-05-09 10:53]: > > > Gerhard, would it be ok for you? Other people, comments? > > Mt. > > I (submitter of this bug) am ok with a short reference to a more general > document about security. > > I wasn't aware that this "bug" is still open. It seems to be unfixable. > Mmh if you use SAK and you have secured your physical accessible > machine (bios password, bootloader password, security locked your Ata > drive, encrypted filesystem, ...) the next easy attack for password > based authentication I can think of is just to replace the keyboard with > a "fake" one... ;-)
You're kidding, right? If physical access doomes the security, why do you put a root password on those boxes? > Maybe(?) the right thing is tag this bug wontfix and leave it open for > documentation purposes? Unfortunately I posted this silly script so > I'd rather voted for closing this bug report. Documentation belongs to the man page, not to the BTS. Mmm. It looks like I'm gonna fix this bug despite the main debian packager and even despite the bug reporter... Tomasz, are you with me ? ;) Good night, people. Mt.
signature.asc
Description: Digital signature
