[Mageia-dev] bug, omission or feature

Mon Jun 4 20:06:16 CEST 2012

I'm in full agreement, however the point of my initial post was not to 
+obtain an evaluation of the merits of being able to, as part of the 
+install as was the case in versions previous to system D, but to ask if 
+a mechanism, providing the same function as was previously available, 
+through msec or whatever, is in the plans...
+
+I value(d) this option and think that replacing it with whatever 
+mechanism is necessary would be an asset to Mageia, whereas I now view 
+it's lack of function as a loss.
+
+Perceptions are really important as can be seen in the various reviews 
+which condemn for seemingly irrelevant details...
+
+Thanks
+
+
+
+
+
+Richard
+
+
+
+On 06/04/2012 06:10 AM, Buchan Milne wrote:
+> On Sunday, 3 June 2012 17:52:47 Colin Guthrie wrote:
+>
+>  > On the whole, this kind of "security" is basically bullshit anyway.
+>
+>
+> You can't make that assessment without understanding the rest of the
+> security environment.
+>
+>
+>  > It
+>
+>  > might make things a tiny bit harder, but if you can get into the
+>
+>  > bootloader to append a 1 on the command line,
+>
+>
+> Maybe you *can't* append anything you like to the command-line. Maybe
+> the bootloader configuration has a 'boot single' option, which should
+> require entry of the root password to access the system.
+>
+>
+>  > you can also append
+>
+>  > init=/bin/bash too which totally bypasses everything too.
+>
+>
+> Not if the bootloader configuration is password protected (IOW, you can
+> boot any configured option, but if you want to modify anything, you need
+> to provide a password, different from the root password).
+>
+>
+>  > So while it's
+>
+>  > maybe a nice idea, for all practical purposes, it's not any kind of real
+>
+>  > security anyway, so don't rely on it!
+>
+>
+> No security implementation relies on a single control being in place. A
+> numebr of modern security best practices have thousands of controls, and
+> the requirement for a password to be entered to boot single is almost
+> always one of them, and a requirement for a bootloader password is
+> usually another.
+>
+>
+> Regards,
+>
+> Buchan
+>
+
+-- 
+LinuxCabal Asociación Civil
+Ing. Richard Couture
+Novell CNE, ECNE, MCNE
+HP/Compaq ASE
+Tel.: (+52) (333) 145-2638
+Cel.: (+52) (044) 333 377-7505
+Cel.: (+52) (044) 333 377-7506
+Web: http://www.LinuxCabal.org
+E-Mail: rrc at linuxcabal.org
+Hosted en la nube Cloud Sigma - www.CloudSigma.com
+
+AVISO DE CONFIDENCIALIDAD: Este correo electrónico, incluyendo en su 
+caso, los archivos adjuntos al mismo, pueden contener información de 
+carácter confidencial y/o privilegiada, y se envían a la atención única 
+y exclusivamente de la persona y/o entidad a quien va dirigido. La 
+copia, revisión, uso, revelación y/o distribución de dicha información 
+confidencial sin la autorización por escrito de LinuxCabal está 
+prohibida. Si usted no es el destinatario a quien se dirige el presente 
+correo, favor de contactar al remitente respondiendo al presente correo 
+y eliminar el correo original incluyendo sus archivos, así como 
+cualesquiera copia del mismo. Mediante la recepción del presente correo 
+usted reconoce y acepta que en caso de incumplimiento de su parte y/o de 
+sus representantes a los términos antes mencionados, LinuxCabal tendrá 
+derecho a los daños y perjuicios que esto le cause.
+
+