[newbie] Login passwords

1999-07-14 Thread Richard Salts 

Hi, list;


When only one person ever uses their own computer and they want Linux
installed, is it _really_necessary_ for these people to have to login, 
give a password to get into their own computer if no one else ever uses it?
 Is there some means that an individual user can get out of having to do this?

Re: [newbie] Login passwords

1999-07-14 Thread Bert Bullough 

Separate logins are necessary to protect you from yourself. Root has unrestricted
access to every file on your system, thus making it very easy for you to screw
things up royally if you don't know what you are doing. Unless you are performing
system maintenance you want to login as a restricted user.

Richard Salts wrote:

 Hi, list;

 When only one person ever uses their own computer and they want Linux
 installed, is it _really_necessary_ for these people to have to login, 
 give a password to get into their own computer if no one else ever uses it?
  Is there some means that an individual user can get out of having to do this?

Re: [newbie] Login passwords

1999-07-14 Thread Ripcrd6 

Here's a thought for you.   What if somebody comes in and steals your PC.
I have a password on my BIOS so if some Ba*tard steals it, all he gets is a
doorstop.   Maybe if someone knows what they are doing they could clear
this, but I want to make it damn difficult.   I had my house broke into
last year and they took a VCR, TV and camcorder.   I doubt they saw my PC
in the other room and the dog probably woke up by then, but the neighbor
across the street lost tons of stuff.

My point, if we all used passwords on PCs like we put locks on our houses,
those lowlifes would have less motivation to steal our stuff.  /*rant off
Brian
-Original Message-
From: Richard Salts [EMAIL PROTECTED]


Hi, list;

When only one person ever uses their own computer and they want Linux
installed, is it _really_necessary_ for these people to have to login, 
give a password to get into their own computer if no one else ever uses
it?
 Is there some means that an individual user can get out of having to do
this?

Re: [newbie] Login passwords

1999-07-14 Thread Ramon Gandia 

Richard Salts wrote:
 
 Hi, list;
 
 When only one person ever uses their own computer and they want Linux
 installed, is it _really_necessary_ for these people to have to login, 
 give a password to get into their own computer if no one else ever uses it?
  Is there some means that an individual user can get out of having to do this?

Yes, there are methods.  But if the computer is _ever_ on the
internet (via a dialup account and modem), then this will not
work.  Anybody can simply telnet to the box and hit the enter
key (or maybe nothing at all) and there is the prompt.

You must keep in mind that "one person ever uses the computer"
means just that:  a computer with NO outside connections of
any sort. 

The second thing to keep in mind is that there are usually
TWO users to every computer.  The first is ROOT, and the second
is the user.  It is not a good idea to be logged in as root
all the time; in fact, some things will not work as root.
For instance, if you subscribe to the RedHat mailing list
as user root (regardless what your email address is), the
subscription requests (or posts) will be ignored.  Root user
is detectable.

Another drawback of user root is the amount of email he gets
from the system, which is annoying.  And lastly, there is no
protection of any sort in Linux against a wrong keystroke.  It
is not like Win95 with endless messages of "Are you Really Sure
you wnat to do this?"  In Linux, when you hit the enter key
the system assumes you meant what you said, and has NO mercy.
As a non-root user there is a degree of protection, but as root
there is not a chance.

Having said all that, you can probably set up one of the
virtual consoles (physical keyboard, not a telnet connection)
to auto-login as whatever you want.  I do not recall exactly,
but I think it is one of the mingetty options in the /etc/inittab
file.  This is probably fairly safe, although it would have the
disadvantage that the person using it falls into a certain set
of habits that other Linux users do not have.  A visitor to the
house could have undesired effects.  There would be no way to
secure the box.
-- 
Ramon Gandia  ---Sysadmin  ---  http://www.nook.net
285 West 1st Avenue  ISP for Western Alaska
P.O. Box 970  tel. 907-443-7575
Nome, Alaska 99762fax. 907-443-2487
===

Re: [newbie] Login passwords

1999-07-14 Thread Patrick Putteman 

A bios password is totally useless. Bioses can be reset in different ways.
Either by removing the battery and putting it back, or if the battery is
soldered on the MB, by removing and putting back the bios chip. Some MB's
have jumpers to reset a bios.

Absolute security for a PC is  inexistant

Patrick

- Original Message -
From: Ripcrd6 [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, July 14, 1999 9:29 PM
Subject: Re: [newbie] Login  passwords


 Here's a thought for you.   What if somebody comes in and steals your PC.
 I have a password on my BIOS so if some Ba*tard steals it, all he gets is
a
 doorstop.   Maybe if someone knows what they are doing they could clear
 this, but I want to make it damn difficult.   I had my house broke into
 last year and they took a VCR, TV and camcorder.   I doubt they saw my PC
 in the other room and the dog probably woke up by then, but the neighbor
 across the street lost tons of stuff.

 My point, if we all used passwords on PCs like we put locks on our houses,
 those lowlifes would have less motivation to steal our stuff.  /*rant off
 Brian
 -Original Message-
 From: Richard Salts [EMAIL PROTECTED]


 Hi, list;
 
 When only one person ever uses their own computer and they want Linux
 installed, is it _really_necessary_ for these people to have to login, 
 give a password to get into their own computer if no one else ever uses
 it?
  Is there some means that an individual user can get out of having to do
 this?

Re: [newbie] Login passwords

1999-07-14 Thread Mike Ortiz 

I agree with Brian...

On Wed, 14 Jul 1999, Ripcrd6 wrote:

 Here's a thought for you.   What if somebody comes in and steals your PC.
 I have a password on my BIOS so if some Ba*tard steals it, all he gets is a
 doorstop.   Maybe if someone knows what they are doing they could clear
 this, but I want to make it damn difficult.   I had my house broke into
 last year and they took a VCR, TV and camcorder.   I doubt they saw my PC
 in the other room and the dog probably woke up by then, but the neighbor
 across the street lost tons of stuff.
 
 My point, if we all used passwords on PCs like we put locks on our houses,
 those lowlifes would have less motivation to steal our stuff.  /*rant off
 Brian

Re: [newbie] Login passwords

1999-07-14 Thread Axalon 


Yes you really need logins and passwords, there is a nice work around if
the site is secure (eg, your house) use rungetty, you'll beable to have it
spawn shells or X servers as the specified user (don't ever do this with
the root login, imagine your dogs/cats/kids/whoever eraseing the whole pc
with a typo into the wrong screen or dropping the keyboard)

On Wed, 14 Jul 1999, Richard Salts wrote:

 Hi, list;
 
 
 When only one person ever uses their own computer and they want Linux
 installed, is it _really_necessary_ for these people to have to login, 
 give a password to get into their own computer if no one else ever uses it?
  Is there some means that an individual user can get out of having to do this?