On 11/11/07, Chris Warburton <[EMAIL PROTECTED]> wrote: > > On Sat, 2007-11-10 at 17:41 +0100, Thilo Six wrote: > > Milan wrote the following on 10.11.2007 16:56 > > > > <<-snip->> > > > > > All in all, I'd rather suggest to activate password-locked GRUB, but I > > > understand this question is hard to decide. Does anybody see other > > > agruments on both sides? > > > > against: > > helping users on mailing lists or irc, with boot problems. > > > Exactly. In my opinion password protecting GRUB by default will cause > headaches for a number of people,
True enough. If password protected GRUB was to be enabled, the necessary actions/patches should be done so that the users passwords can be used to unlock GRUB. (Currently only one password can be used in GRUB). > but it won't really make the system > any more secure since physical access is gained by that point (thus > allowing live media, removing the hard drive, etc.). Gaining physical access doesn't always mean it's done. I mean, just one use case I have in mind : at an office with BIOS protected computers, lots of people passing by, I'd rather bet on a five minute snoop than to bring my screwdriver and start to dismantle my boss computer... The point is, don't make it too easy. > The only extra security measure I think is worth debating is full disk > encryption. Such a thing would obviously be a nightmare for tech > support, but since there are real security benefits I think it is worth > considering and at least looking into. To me there is very little to be > gained by password protecting GRUB though, so I'm against. > > Thanks, > Chris > > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss