On 21 March 2014 11:18, Darac Marjal <mailingl...@darac.org.uk> wrote: > On Fri, Mar 21, 2014 at 11:06:03AM +0000, Robin wrote: >> I may have missed something. If someone has physical access to your >> machine can't they just power off and go into single user mode and >> change the root password? > > Maybe, maybe not. Console access doesn't have to mean complete access. > The scenario I always have in my head for these sorts of things is a > Computer Lab at a university/college. You can allow anyone to come up > and use the machine via the keyboard/mouse/VDU attached to it, but to > counter the attack vector you mention, you simply lock the computer > itself away in a secure cage under the desk. That also stops the > "security vector" of someone simply picking up the machine and walking > off with it ;) >
Sorry my mail was a bit terse. I was referring to whether a DM is more secure than startx when there is physical access to a machine. -- rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/caozwb-pam8gh4dtbf-pgvfu+sueuqjfaxwp_tjyasnvzlkj...@mail.gmail.com
