[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: package submission policy question

On Thu, Jun 02, 2005 at 03:48:24PM +0200, Christian Iseli licr org wrote:
> > probably with the further suggestion that this is why it's a really good
> > idea to have a grub password.
> I'm afraid this will not be much help against someone bringing a bootable
> CD along...

Restrict boot options in the BIOS.

> Secure servers need to be in a locked, access controled, place...

It's all about managing various levels of risk. Sure, someone *could* easily
pick the lock on the door to my house (picking a cheap home door lock is
easy if you know what you're doing), but I still close and lock my door.

If you've got a secure server, it should be in an access-controlled server
room. If you've got a lab, physical locks on the hardware combined with the
above passwords is probaby good -- sure, someone *could* get a hacksaw, but
that's why we've got security cameras and lab monitors.

If you've got a system on your desk in your dorm that you'd prefer to
discourage your roommate from getting root, setting these boot passwords is
probably sufficient even without physical locks.

Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 77 degrees Fahrenheit.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]