On Sun, 2003-11-16 at 05:04, Ric Messier wrote: > On 2003.11.15 20:07, David A. Bandel wrote: > > > > > Why server rooms are locked restricted areas (or should be). > > Absolutely. But he was concerned about someone being able to Ctrl-Alt- > Bksp into a console prompt which meant physical access to the system.
> > > > The correct answer, though, is not to leave a logged in system. Then > > you don't have to worry about it. > > > > Well, you don't worry about giving someone access to your account but > again, if someone really wanted your system and had physical access to > it, your account may not be nearly as interesting. > You also have to figure out the threat probability and cost if > successful and all that other good stuff that goes along with risk > management. :-) > > Ric Ric and everyone else, First, thanks to everyone for the discussion and ideas. Second, you're all thinking too high tech and too big. Think smaller. My dad has some involvement with a small hotel in Palm Springs. We were looking at setting up a small Gentoo box for taking reservations and just front desk stuff. Bits of email, html access to a few things. Nothing major, but not run by a techie. Just run by a front desk worker. The computer would be locked under the counter (under normal conditions) but pretty much always running. If it goes down, she unlocks the cabinet and reboots it. However, she's going to walk away from the counter now and then. it's not practical to assume she'll log it off every time she does, so xscreensaver runs and locks the screen after 5 minutes. No big deal. The question is more like what happens at lunch time, or in the middle of the afternoon when she's gone off to help someone by the pool, or late at night, in this lobby, when no one is there and someone sneaks behind the counter to play games with the box? I just want it *secure*. I don't need it to be ***SECURE***. (I think!) I don't want a Linux knowledgeable person to be able to break into it by touching the keyboard or mouse in any way. The reservation system might be on this computer, or credit card numbers might be on it. I don't know what they'll put on it. I'm just sort of setting up a test box for them to play with. What they do with it is their business. I'm just doing the front end work and thinking about the problems. Thanks, Mark -- [EMAIL PROTECTED] mailing list
