From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 45532138CCD for ; Sun, 29 Mar 2015 19:30:20 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9B273E0B3A; Sun, 29 Mar 2015 19:30:09 +0000 (UTC) Received: from mail-ie0-f174.google.com (mail-ie0-f174.google.com [209.85.223.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 65A9AE0B24 for ; Sun, 29 Mar 2015 19:30:08 +0000 (UTC) Received: by ierf6 with SMTP id f6so35599643ier.2 for ; Sun, 29 Mar 2015 12:30:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=1Ln7orWluoiek8l7XL+mAip0wHeyb6dAckgiarqN0WU=; b=gOPx7ife5Gz2QSV6Kqw0t5T9mtKeul02AKWGPtG86SI3nJz9PCDAJNnIvn8pMF0lPM eOYlU1Xw6mc/YjUpvLwgPn3UL68TOxgUSZ1e+Lxp1TonDOnX1FnomR54m7OSDpGjlbbq u/5HthqGK3yo47P8EP9GI+xdp5N34CXoHVUmLcC5jtEKTzFLhW+VwCeDyZJ8OAIWHHLQ D7zlimgwBWJSkfksR/sCBOxP7thygRkiN/OI1j+IxYaVK0LnWJFrlo/8sINRzx5fMtqk 6MP9jTnyFVI8pw/zpnPreO6Y7OLaPBME0ko5ooayjq1WiiGkHnZLEeGtwfX4gjUbim+2 iUHA== Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 X-Received: by 10.107.38.17 with SMTP id m17mr7646750iom.84.1427657407818; Sun, 29 Mar 2015 12:30:07 -0700 (PDT) Sender: freemanrich@gmail.com Received: by 10.107.48.198 with HTTP; Sun, 29 Mar 2015 12:30:07 -0700 (PDT) In-Reply-To: <20150329232047.GA11270@waltdnes.org> References: <20150321152656.a82a84b3e8a32c8b68554548@gmail.com> <2098241.ygyfAjpUPx@wstn> <23787818.Bd5keXIqRP@wstn> <87lhigqe2n.fsf@heimdali.yagibdah.de> <20150329232047.GA11270@waltdnes.org> Date: Sun, 29 Mar 2015 15:30:07 -0400 X-Google-Sender-Auth: 0la54JGW0vdG6YqlqncylJuyHv8 Message-ID: Subject: Re: [gentoo-user] How to poweroff the system from user? From: Rich Freeman To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=UTF-8 X-Archives-Salt: 28b8d029-3d66-4dc8-8006-1d6ca023a5ae X-Archives-Hash: caa697f01f9703bb552123e2edbcdbad On Sun, Mar 29, 2015 at 7:20 PM, Walter Dnes wrote: > On Sun, Mar 29, 2015 at 12:43:12PM +0200, lee wrote > >> That leaves the question why a user who isn't even logged in should >> be able to reboot, which IIRC they can by default with Ctrl+Alt+Del. >> Such users shouldn't be allowed to do anything but to log in. > > As the old saying goes... "If you don't have physical security, you > don't have any security". A malicious person at the physical keyboard > of the machine could just as easily yank the power cord of out of the > wall, insert a USB key into the machine, plug the machine back in, boot > up from the USB key, and copy over malicious binaries. > With TPM, full-disk encryption, and a verified boot path, you could actually protect against that scenario (they'd have to tear apart the TPM chip and try to access the non-volatile storage directly, and the chips are specifically designed to defeat this). Secure boot would not hurt either (with your own keys). Of course, they could still try to hack in via USB/PCI/etc, or plant keyloggers and such. I'm not suggesting physical security isn't important. It just isn't a good reason to completely neglect console security. -- Rich