On søn, 2006-09-24 at 11:00 +0200, Axel Thimm wrote: > On Sat, Sep 23, 2006 at 07:45:03PM +0200, Ola Thoresen wrote: <snip> > > and then my question is - what are the _real_ security gained from > > this? > > Think of non-authorized persons sitting in front of the system, > power-cycling it, and manipulating the system boot-up (examples are > publicly exposed systems like student labs). But unless you harden grub (which you suggest - and that's a good thing) you don't gain any security, as a person in front of the computer could normally just boot into single user mode, or use a number of other ways to bypass any security in the init scripts. But we should maybe add a "secure boot" option, that will set a password for grub, disable ctrl-c during init and the "interactive boot" question as well as taking other measures to protect the startup. Rgds. Ola Thoresen -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
