Mailinglist Archive: opensuse (1165 mails)

< Previous Next >
Re: [opensuse] Re: Should openSUSE review it's Security Policies?
On Thu, Mar 01, 2012 at 07:55:44PM +0000, Jim Henderson wrote:
On Thu, 01 Mar 2012 14:27:17 -0500, James Knott wrote:

Business employees generally do not get root or admin access to their

Arguably, working around that is trivial regardless of the OS. There
really is no security when the user has physical control of the device,
regardless of the OS.

With Linux, give anyone a grub menu and nothing else, and it's trivial to
get to a root prompt and change the root password.

Also extend your thinking in attack scenarios to code that breaks into your

Do you want to have that malicious also be immediately able to execute
code as root?

Ciao, Marcus
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread