On Wed, May 19, 1999 at 01:13:55PM +0200, Marek Habersack wrote: > * Ben Collins said: > > > > from this type of access is to use some sort of secure fs (cfs and > > secure loop devices with encryption come to mind), also check into sfs > > (sorry, no URL's for these). This has a downfall of the fact that the > > machine cannot boot without user interaction (some one to authenticate > > or supply the password for the filesystem). > Isn't that too much ado? No physical access is the cure - serious approach > to security requires NO PHYSICAL ACCESS to the server machine.
Tell that to people who have their servers in a co-located isp. My server does not have a floppy, but my tape backup is piped through mcrypt so no one can just grab the tape and pull out all of my secure files. Remember, a trusted physical environment is not always present. -- ----- -- - -------- --------- ---- ------- ----- - - --- -------- Ben Collins <[EMAIL PROTECTED]> Debian GNU/Linux OpenLDAP Dev - [EMAIL PROTECTED] The Choice of the GNU Generation ------ -- ----- - - ------- ------- -- ---- - -------- - --- ---- - --