Can you set up [Knoppix] Linux so that it is impossible, or at least difficult, for a user to switch to a virtual terminaln without re-booting? AKM = = =
Ross Werner <[EMAIL PROTECTED]> wrote: On Wed, 9 Nov 2005, Jason Holt wrote: > On Tue, 8 Nov 2005, Ross Werner wrote: >> they can turn off whatever customizations you have created. In the security >> world, having physical access to a computer basically means that there is >> no way to completely secure that computer. > > Well, it depends on what you mean by "console access". The BYU kiosks are > pretty good nowadays, AFAICT. Keep them from opening the case, out of the > bios and bootloader, and then it's down to limiting what an unprivileged user > can do. Indeed. By "physical access" I mean full physical access. Once you even mitigate that with "supervised physical access" it becomes much more difficult for a malicious attacker to circumvent the system. (For example, I'm sure the proctors at these exams will notice somebody opening a case and tripping the BIOS password reset. They'd *probably* notice someone switching to a virtual terminal long enough to figure out what's up with the iptables configuration and do something to get around it. They probably *wouldn't* notice someone switching to a virtual terminal long enough to paste the exam text into an ssh session, if done surreptitiously.) ~ Ross /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */ /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
