On Thu, 14 Feb 2002, Paul Iadonisi wrote: > Seriously, and to diverge a bit from this thread, this does *not* however > mean that console access implies lack of physical security.
Not always, but typically, it does. > o Login as a normal non-root user on the console of Red Hat 7.2 system > with the usermode package installed, which I think is the default for a > Workstation install. Red Hat's take on this is that the user logged in at the console of a personal workstation should have the right to shut it down. I can see where they are coming from, even if I don't quite agree. Personally, I think they should offer you the option of a more-hardened or less-hardened system during install. Mandrake does this. > Yes, I did this and was caught totally of guard by it, as were many other > people. Or maybe it was 7.1, I'm not sure. Console-based security has been in there since 6.x something. Look in /etc/security/ for files with "console" in their name. They also (re)set permissions on device files, such that, e.g., the console user can access the floppy drive. > My theory is that you could conceivably lock a system in a safe-like > enclosure under the floorboards of an employee's office with nothing but a > keyboard, mouse, and video cables coming out and have reasonable physical > security, but still give console access. Sure. But how likely is that? Remember, Red Hat is out to make money, and they do that by targeting likely markets. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do not | | necessarily represent the views or policy of any other person, entity or | | organization. All information is provided without warranty of any kind. | ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************