| 1 |
On Sun, Mar 29, 2015 at 12:43:12PM +0200, lee wrote |
| 2 |
|
| 3 |
> That leaves the question why a user who isn't even logged in should |
| 4 |
> be able to reboot, which IIRC they can by default with Ctrl+Alt+Del. |
| 5 |
> Such users shouldn't be allowed to do anything but to log in. |
| 6 |
|
| 7 |
As the old saying goes... "If you don't have physical security, you |
| 8 |
don't have any security". A malicious person at the physical keyboard |
| 9 |
of the machine could just as easily yank the power cord of out of the |
| 10 |
wall, insert a USB key into the machine, plug the machine back in, boot |
| 11 |
up from the USB key, and copy over malicious binaries. |
| 12 |
|
| 13 |
-- |
| 14 |
Walter Dnes <waltdnes@××××××××.org> |
| 15 |
I don't run "desktop environments"; I run useful applications |
Archives