package submission policy question
Matthew Miller
mattdm at mattdm.org
Thu Jun 2 16:02:32 UTC 2005
On Thu, Jun 02, 2005 at 03:48:24PM +0200, Christian.Iseli at licr.org wrote:
> > probably with the further suggestion that this is why it's a really good
> > idea to have a grub password.
> I'm afraid this will not be much help against someone bringing a bootable
> CD along...
Restrict boot options in the BIOS.
> Secure servers need to be in a locked, access controled, place...
It's all about managing various levels of risk. Sure, someone *could* easily
pick the lock on the door to my house (picking a cheap home door lock is
easy if you know what you're doing), but I still close and lock my door.
If you've got a secure server, it should be in an access-controlled server
room. If you've got a lab, physical locks on the hardware combined with the
above passwords is probaby good -- sure, someone *could* get a hacksaw, but
that's why we've got security cameras and lab monitors.
If you've got a system on your desk in your dorm that you'd prefer to
discourage your roommate from getting root, setting these boot passwords is
probably sufficient even without physical locks.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 77 degrees Fahrenheit.
More information about the fedora-extras-list
mailing list