The fact is that if you want any system to be secure from access, it must have no network access and noone must be able to get to the machine [physically or logically]. My cousin works for a part of the government and their main machines are in Faraday cages in concrete windowless buildings with guard, swipecard, code, fingerprint access, plus video cameras all over the place [plus some more things that he can't tell me about <grin> ]all before you can get anywhere near the machine! Even then, one can say it isn't 100% secure as he has access to the machine. You can insert a "rescue" disk to Redhat and mount the fs with no root access as I believe they use ext3 now which is backwardsly compatible with ext2. You can mount an ext3 partition on an ext2 only system - it just doesn't have the journalling. At least SuSE has the option of ResierFS which is less likely to be able to be booted from a "rescue" disk as most rescue disks don't have reiser capabilites [not difficult to include]. The cryptographic file systems will not allow you to mount the partition without the proper passphrase, as root or otherwise, so that offers a better model of security. *NO* machine is 100% secure. You would have to have lots of people scrutinizing the code, even in the compilers, and even then, do you trust those people ;o) Still thats my 0.02 EUR ;o) -- Jon Somewhere between here and inanity.