diff options
Diffstat (limited to 'zarb-ml/mageia-dev/attachments/20120604')
14 files changed, 56 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0001.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0001.png Binary files differnew file mode 100644 index 000000000..c952488e2 --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0001.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0002.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0002.png Binary files differnew file mode 100644 index 000000000..c127bf89f --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0002.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0003.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0003.png Binary files differnew file mode 100644 index 000000000..627cb43ef --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0003.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0004.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0004.png Binary files differnew file mode 100644 index 000000000..3c9d8cc5d --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0004.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0005.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0005.png Binary files differnew file mode 100644 index 000000000..c11f1f873 --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0005.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0006.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0006.png Binary files differnew file mode 100644 index 000000000..34730ebda --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0006.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0007.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0007.png Binary files differnew file mode 100644 index 000000000..c952488e2 --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0007.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0008.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0008.png Binary files differnew file mode 100644 index 000000000..c127bf89f --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0008.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0009.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0009.png Binary files differnew file mode 100644 index 000000000..627cb43ef --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0009.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0010.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0010.png Binary files differnew file mode 100644 index 000000000..3c9d8cc5d --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0010.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0011.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0011.png Binary files differnew file mode 100644 index 000000000..c11f1f873 --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment-0011.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment.png b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment.png Binary files differnew file mode 100644 index 000000000..34730ebda --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/11648d64/attachment.png diff --git a/zarb-ml/mageia-dev/attachments/20120604/e81fe020/attachment-0001.html b/zarb-ml/mageia-dev/attachments/20120604/e81fe020/attachment-0001.html new file mode 100644 index 000000000..40c1994a5 --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/e81fe020/attachment-0001.html @@ -0,0 +1,28 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> +<html><head><meta name="qrichtext" content="1" /><style type="text/css"> +p, li { white-space: pre-wrap; } +</style></head><body style=" font-family:'Bitstream Vera Sans Mono'; font-size:9pt; font-weight:400; font-style:normal;"> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">On Sunday, 3 June 2012 17:52:47 Colin Guthrie wrote:</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> On the whole, this kind of "security" is basically bullshit anyway.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">You can't make that assessment without understanding the rest of the security environment.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> It</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> might make things a tiny bit harder, but if you can get into the</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> bootloader to append a 1 on the command line,</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Maybe you *can't* append anything you like to the command-line. Maybe the bootloader configuration has a 'boot single' option, which should require entry of the root password to access the system.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> you can also append</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> init=/bin/bash too which totally bypasses everything too.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Not if the bootloader configuration is password protected (IOW, you can boot any configured option, but if you want to modify anything, you need to provide a password, different from the root password).</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> So while it's</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> maybe a nice idea, for all practical purposes, it's not any kind of real</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> security anyway, so don't rely on it!</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">No security implementation relies on a single control being in place. A numebr of modern security best practices have thousands of controls, and the requirement for a password to be entered to boot single is almost always one of them, and a requirement for a bootloader password is usually another.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Regards,</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Buchan</p></body></html>
\ No newline at end of file diff --git a/zarb-ml/mageia-dev/attachments/20120604/e81fe020/attachment.html b/zarb-ml/mageia-dev/attachments/20120604/e81fe020/attachment.html new file mode 100644 index 000000000..40c1994a5 --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120604/e81fe020/attachment.html @@ -0,0 +1,28 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> +<html><head><meta name="qrichtext" content="1" /><style type="text/css"> +p, li { white-space: pre-wrap; } +</style></head><body style=" font-family:'Bitstream Vera Sans Mono'; font-size:9pt; font-weight:400; font-style:normal;"> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">On Sunday, 3 June 2012 17:52:47 Colin Guthrie wrote:</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> On the whole, this kind of "security" is basically bullshit anyway.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">You can't make that assessment without understanding the rest of the security environment.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> It</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> might make things a tiny bit harder, but if you can get into the</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> bootloader to append a 1 on the command line,</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Maybe you *can't* append anything you like to the command-line. Maybe the bootloader configuration has a 'boot single' option, which should require entry of the root password to access the system.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> you can also append</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> init=/bin/bash too which totally bypasses everything too.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Not if the bootloader configuration is password protected (IOW, you can boot any configured option, but if you want to modify anything, you need to provide a password, different from the root password).</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> So while it's</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> maybe a nice idea, for all practical purposes, it's not any kind of real</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> security anyway, so don't rely on it!</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">No security implementation relies on a single control being in place. A numebr of modern security best practices have thousands of controls, and the requirement for a password to be entered to boot single is almost always one of them, and a requirement for a bootloader password is usually another.</p> +<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Regards,</p> +<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Buchan</p></body></html>
\ No newline at end of file |
