Re: gnome/kde and hiding "power off" menü

Tue Feb 14 18:37:54 UTC 2006

On 2/13/06, Gene Heskett <gene.heskett at verizon.net> wrote:
>
> On Monday 13 February 2006 15:55, Tim wrote:
> >On Sun, 2006-02-12 at 12:49 -0600, Mikkel L. Ellertson wrote:
> >> But preventing a user that has physical access to the machine from
> >> rebooting it or shutting it down is rather pointless. They can
> >> always pull the plug to do a shutdown. (Unless you have an internal
> >> UPS.) I would rather let them do a controlled shutdown...
> >
> >I tend to agree, though I can think of situations like a public
> >demonstration PC locked into a box, or schools where you don't trust
> > the students, where making rebooting/powering-down difficult is
> > beneficial.
> >
> >I think you also have to take care of other matters if you allow
> > people to reboot computers that aren't their own, so that they can't
> > easily boot from other media, or change boot parameters, to bypass
> > your security.
>
> Which is why, when building a new box for someone at the tv station,
> there is only one cdrom drive and floppy, and they live on the shelf in
> the room where maintainance on computers is normally done.  Almost none
> of the other boxes in the building have either a floppy or a cdrom
> reader.  And its sure slowed down the infection rate when they can't
> bring their fav doom disk in thats already infected and install it on
> their work box.  We go a bunch of static at first but after the message
> was delivered in force by the GM, that was the end of the squawking.
>
> We also pretty well fixed the porn problem because anytime we find some
> on a box while we're replaceing the cpu fan or some such piddly detail,
> the drive gets re-imaged.  They lose all their personal account data
> 2-3 times and thats the end of the porn sucking.  More than once it was
> a box dedicated to news graphics.  The third time it got re-imaged, the
> news director finally got the message that these were work boxes, not
> play boxes and he is now helping to enforce the ban.  And things are
> running a hell of a lot smoother.  Note that these boxes all have free
> reign on the net, often required to run down a news or sales lead, and
> we don't cripple that access as its totally non-productive to do so.

I am going to have to remember this for when I have some power.  What an
awesome policy.  I assume most of the information sharing is done with the
network instead now.  Working for the military I don't really see this as a
viable option for me, but it would be a lot easier.

JT

--
> Cheers, Gene
> People having trouble with vz bouncing email to me should add the word
> 'online' between the 'verizon', and the dot which bypasses vz's
> stupid bounce rules.  I do use spamassassin too. :-)
> Yahoo.com and AOL/TW attorneys please note, additions to the above
> message by Gene Heskett are:
> Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060214/53b595bd/attachment-0001.htm>