Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: [suse-security] Re: Re: Why Install Telnet by Default?
  • From: Randall R Schulz <rschulz@xxxxxxxxx>
  • Date: Fri, 9 Dec 2005 07:05:54 -0800
  • Message-id: <200512090705.55022.rschulz@xxxxxxxxx>
Michel,

On Thursday 08 December 2005 23:52, Michel Messerschmidt wrote:
> Randall R Schulz said:
> > All I have to do is walk over to his desk, say, when he goes to
> > lunch, and do things that no one can readily tell were not done by
> > him.
> >
> > On the other hand, he cannot do the reverse to me, since I haven't
> > set up passwordless access to any of these hosts.
>
> And what prevents him to install a keylogger under your account?
> Passwords for remote access give you no additional security if your
> local computer is not secured.
> I really hope you're using some kind of session lock.

Actually, I trust him. We all have fairly open access to each other's
computers, but we're all just programmers. And the company reserves the
right to monitor our work and our computers, so for all I know, there
are such monitors already.

I was just making up an example of how passwordless access can undermine
security.

Randall Schulz

< Previous Next >