1 |
On Sun, Mar 29, 2015 at 12:43:12PM +0200, lee wrote |
2 |
|
3 |
> That leaves the question why a user who isn't even logged in should |
4 |
> be able to reboot, which IIRC they can by default with Ctrl+Alt+Del. |
5 |
> Such users shouldn't be allowed to do anything but to log in. |
6 |
|
7 |
As the old saying goes... "If you don't have physical security, you |
8 |
don't have any security". A malicious person at the physical keyboard |
9 |
of the machine could just as easily yank the power cord of out of the |
10 |
wall, insert a USB key into the machine, plug the machine back in, boot |
11 |
up from the USB key, and copy over malicious binaries. |
12 |
|
13 |
-- |
14 |
Walter Dnes <waltdnes@××××××××.org> |
15 |
I don't run "desktop environments"; I run useful applications |