On Fri, 07 Jul 2023 22:05:09 -0000 Marc Chamberlin via openSUSE Users <users@lists.opensuse.org> wrote:
Hi Dave, and thanks for your input, much appreciated. Actually, each of my computers have a different purpose, one controls my radios and antennas in my ham radio shack, one controls a telescope, one controls my media center and security cameras, and a couple are general purpose workstations. I need to be able to differentiate how access to these computers is happening, if access is coming from my internal network then more rights and privileges to do things on that computer, being accesses, is granted. If access is coming from the internet then rights and privileges will be more restrictive. I don't have the luxury (or budget) to further split my computers so that they follow your "usual" arrangement of putting entire hosts in the DMZ separate from the hosts in my internal zone. And yes I understand the risks and do use additional security measures such as using encrypted data files to mitigate such issues.
Then your entire system is a waste of resources. Just use software to control access.