1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] bug, omission or feature
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20bug%2C%20omission%20or%20feature&In-Reply-To=%3C4FCCF918.4010505%40linuxcabal.org%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="016149.html">
<LINK REL="Next" HREF="016176.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] bug, omission or feature</H1>
<B>Richard Couture</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20bug%2C%20omission%20or%20feature&In-Reply-To=%3C4FCCF918.4010505%40linuxcabal.org%3E"
TITLE="[Mageia-dev] bug, omission or feature">rrc at linuxcabal.org
</A><BR>
<I>Mon Jun 4 20:06:16 CEST 2012</I>
<P><UL>
<LI>Previous message: <A HREF="016149.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI>Next message: <A HREF="016176.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#16160">[ date ]</a>
<a href="thread.html#16160">[ thread ]</a>
<a href="subject.html#16160">[ subject ]</a>
<a href="author.html#16160">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>I'm in full agreement, however the point of my initial post was not to
obtain an evaluation of the merits of being able to, as part of the
install as was the case in versions previous to system D, but to ask if
a mechanism, providing the same function as was previously available,
through msec or whatever, is in the plans...
I value(d) this option and think that replacing it with whatever
mechanism is necessary would be an asset to Mageia, whereas I now view
it's lack of function as a loss.
Perceptions are really important as can be seen in the various reviews
which condemn for seemingly irrelevant details...
Thanks
Richard
On 06/04/2012 06:10 AM, Buchan Milne wrote:
><i> On Sunday, 3 June 2012 17:52:47 Colin Guthrie wrote:
</I>><i>
</I>><i> > On the whole, this kind of "security" is basically bullshit anyway.
</I>><i>
</I>><i>
</I>><i> You can't make that assessment without understanding the rest of the
</I>><i> security environment.
</I>><i>
</I>><i>
</I>><i> > It
</I>><i>
</I>><i> > might make things a tiny bit harder, but if you can get into the
</I>><i>
</I>><i> > bootloader to append a 1 on the command line,
</I>><i>
</I>><i>
</I>><i> Maybe you *can't* append anything you like to the command-line. Maybe
</I>><i> the bootloader configuration has a 'boot single' option, which should
</I>><i> require entry of the root password to access the system.
</I>><i>
</I>><i>
</I>><i> > you can also append
</I>><i>
</I>><i> > init=/bin/bash too which totally bypasses everything too.
</I>><i>
</I>><i>
</I>><i> Not if the bootloader configuration is password protected (IOW, you can
</I>><i> boot any configured option, but if you want to modify anything, you need
</I>><i> to provide a password, different from the root password).
</I>><i>
</I>><i>
</I>><i> > So while it's
</I>><i>
</I>><i> > maybe a nice idea, for all practical purposes, it's not any kind of real
</I>><i>
</I>><i> > security anyway, so don't rely on it!
</I>><i>
</I>><i>
</I>><i> No security implementation relies on a single control being in place. A
</I>><i> numebr of modern security best practices have thousands of controls, and
</I>><i> the requirement for a password to be entered to boot single is almost
</I>><i> always one of them, and a requirement for a bootloader password is
</I>><i> usually another.
</I>><i>
</I>><i>
</I>><i> Regards,
</I>><i>
</I>><i> Buchan
</I>><i>
</I>
--
LinuxCabal Asociación Civil
Ing. Richard Couture
Novell CNE, ECNE, MCNE
HP/Compaq ASE
Tel.: (+52) (333) 145-2638
Cel.: (+52) (044) 333 377-7505
Cel.: (+52) (044) 333 377-7506
Web: <A HREF="http://www.LinuxCabal.org">http://www.LinuxCabal.org</A>
E-Mail: <A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">rrc at linuxcabal.org</A>
Hosted en la nube Cloud Sigma - www.CloudSigma.com
AVISO DE CONFIDENCIALIDAD: Este correo electrónico, incluyendo en su
caso, los archivos adjuntos al mismo, pueden contener información de
carácter confidencial y/o privilegiada, y se envían a la atención única
y exclusivamente de la persona y/o entidad a quien va dirigido. La
copia, revisión, uso, revelación y/o distribución de dicha información
confidencial sin la autorización por escrito de LinuxCabal está
prohibida. Si usted no es el destinatario a quien se dirige el presente
correo, favor de contactar al remitente respondiendo al presente correo
y eliminar el correo original incluyendo sus archivos, así como
cualesquiera copia del mismo. Mediante la recepción del presente correo
usted reconoce y acepta que en caso de incumplimiento de su parte y/o de
sus representantes a los términos antes mencionados, LinuxCabal tendrá
derecho a los daños y perjuicios que esto le cause.
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="016149.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI>Next message: <A HREF="016176.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#16160">[ date ]</a>
<a href="thread.html#16160">[ thread ]</a>
<a href="subject.html#16160">[ subject ]</a>
<a href="author.html#16160">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|
