Request for Review - Fedora Security Basics
rostetter at mail.utexas.edu
Mon Oct 10 20:51:33 UTC 2005
Quoting esm at logic.net:
> On Sun, Oct 09, 2005 at 07:22:43PM -0400, Tom Diehl wrote:
> > Because requiring a passwd on a box that you can sit in front of and take
> > apart is STUPID!!
> Invalid assumption; one can have access to the console without having
> direct physical access. Think IP-based KVMs, where you can go so far as
> being able to power cycle a system without being able to put hands on the
> machine. Serial consoles are a similar situation.
Or a machine in a lab, where the machines are on a security loop that prevents
the opening of the case without an alarm going off...
> Granted, this is only an issue for data-center environments generally. I
> just wanted to point it out as a use case that I'm familiar with.
There are many others. Once upon a time, almost no unix needed a root
password for single user mode. Then suddenly, most versions added that
feature. Do you think they would add the feature if there wasn't any
reason or need for it?
More information about the docs