Mailinglist Archive: opensuse (1165 mails)

< Previous Next >
[opensuse] Re: Should openSUSE review it's Security Policies?
  • From: Jim Henderson <hendersj@xxxxxxxxx>
  • Date: Thu, 1 Mar 2012 20:49:37 +0000 (UTC)
  • Message-id: <jiond1$aj1$5@dough.gmane.org>
On Thu, 01 Mar 2012 15:26:47 -0500, James Knott wrote:

Jim Henderson wrote:
On Thu, 01 Mar 2012 14:27:17 -0500, James Knott wrote:

Business employees generally do not get root or admin access to their
computers.
Arguably, working around that is trivial regardless of the OS. There
really is no security when the user has physical control of the device,
regardless of the OS.

With Linux, give anyone a grub menu and nothing else, and it's trivial
to get to a root prompt and change the root password.

Jim


I guess you've never worked in a corporate environment, where employees
can be disiplined for violating IT policy.

I spent 15 years working in corporate IT environments as a systems
engineer, with company sizes ranging from < 200 employees to > 250,000
employees.

Just because employees can be disciplined for violating IT policy doesn't
mean (a) that they don't work around security measures put in place, or
(b) that such discipline actually happens, even though it's a
possibility. The threat of action is usually sufficient to keep most
employees in line, but there are always those who flaunt the policies
(some very visibly) either because they feel they're untouchable or
because - believe it or not - they *are* untouchable (ever had an
executive who felt that because it was his company, he shouldn't be
subject to the rules? I have. Just try and have disciplinary action
taken against people in management - in a lot of companies, that's a way
to get sacked.)

If you "work around"
something like a root or admin password, then you're inviting
disiplinary action. In general, corporate employees do not get root or
admin password and for good reason.

Sure, they don't, but not everybody plays by the rules, and not everybody
is required to play by the rules.

Jim

--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups