Re: Doing administrative work
On Mon, Jan 22, 2007 at 07:49:30PM +0100, Johannes Wiedersich wrote:
> Tyler MacDonald wrote:
> > Have you put a password on your bootloader (GRUB, etc) to restrict changing
> > the boot parameters?
> The same applies to the bios. Otherwise someone could just switch off
> the machine, enter a knoppix-cd or boot over usb/ethernet etc. and reset
> the root password via the rescue medium.
Once you've gotten that far, don't forget to consider putting the box
inside a cage, or at least using a case lock. Otherwise someone could
just pop it open and reset the BIOS (either with a jumper or just remove
the battery in most cases), then use that boot CD you were talking about.
As was said earlier in the thread, it's all a matter of risk
assessment...
--
I would rather be exposed to the inconvenience attending too much Liberty
than those attending too small degree of it.
- Thomas Jefferson
Reply to: