Re: Does Security matter at all?
Ok. I might have misunderstood you -- it just seems like you did quite
seriously misunderstand one very significant word Ari Makela wrote. I
hope I can moderate between you two.
Today, Christopher W Curtis <ccurtis@aet-usa.com> wrote:
> Ari Makela wrote:
>> No, because physical access is needed there's absolutely no
^^^^^^^^^^^^^^^ please read this again and think about
what this means.
>> solution. I must say I haven't read all the posts in the thread but I
>> have understood that physical access is needed. If that's correct
>> there's no security. Tell me if I'm wrong.
> Fine, I'll stand down - as long as you agree that if anyone has access
^^^^^^
And now, please read again what you said and, again, think about what
you mean.
> to a machine, then there is no use in even assigning a password for
> root.
There is a value in assigning a password to root. Quite so, if there
are any users (apart from root) which will have _access_ to the
machine -- access as in, ssh, rsh, ftp etc.
There may also be some value in assigning a password to root even if
there are any users that will have _physical access_ to the machine --
access as in, can change disks, can open the case to peek what's
inside, pick some hard disks from their place or poke a ten-inch-nail
into the mainboard (with the aid of a sledgehammer).
There may be some value to it, but not much, because if the user has
physical access to the machine, he can do nearly everything he likes
with it: smash it to little pieces, reboot it with an emergency
floppy, take out a hard drive (which may as well be a hot drive, but
let's not elaborate on that).
You see, there are some suble differences between mere access to a
machine and physical access to it. That is why @VBCs have their
important machines behind big, heavy steel doors which can be locked
pretty tight.
> Christopher
HTH, and that I could clear matters between you two a bit.
regards,
--
Andreas Stefan Fuchs in Real Life aka
asf@acm.org, asfuchs@gmx.at, asf@ycom.at in NNTP and SMTP,
antifuchs in IRCNet and
Relf Herbstfresser, Male 1/2 Elf Priest in AD&D
Reply to: