Simon Ruiz sruiz at
Mon Mar 5 15:37:05 UTC 2007

Thanks for the info,
I don't harbor illusions about having some sort of foolproof shield that keeps unsupervised users from using their ingenuity to do as they wish on the workstations.
Any workstation that you don't have physical control of should be assumed to be unsecure, and I limit the amount of "sensitive" information that is kept on the workstations for this very reason (though it is important to have the private half of a key on the teacher workstation, that one should theoretically be better supervised than the student workstations).
I don't think the added complexity of using encrypted filesystems, for example, is worth the effort, but adding a password to the recovery mode seems to have a good Return On Investment.
I fully expect a knowledgeable and bored student to compromise our security at some point. They've been doing it on our Windows XP desktops for years!
However, I do want to make sure it's a little more of a challenge than reading the Ubuntu guide ;-)
Hope you're having a beautiful day!


From: Paul O'Malley [mailto:ompaul at]
Sent: Sun 3/4/2007 7:44 AM
To: Simon Ruiz
Cc: Edubuntu Devel Group
Subject: Re: newby

Simon Ruiz wrote:
> So you mean there's a simple way for any user, any student, to get root access to our machines?
> Can this be helped by MAKING a root password?
> Hope this finds you all doing great!
> Simon

Kind of long reply!

I am sending this to the devel list, but think that perhaps there are
better places for it, it raises issues that people may wish to take on
board to build better management systems, and for that reason alone I
let it go.

Root adds nothing to the process, other than meaning that all machines
have a similar logon that can be brute force attacked from the console
or remotely that is another argument, and as strong passwords should be
in use anyway.

Computer security is not an action, nor is it a product, but a set of
behaviours wrapped up in technology, i.e. a process.

If you want to protect the box a little more then put a password on GRUB
and don't forget it. The whole security aspect is very broad and I give
some treatment to the questions involved before you do any more below.

The instructions for doing so are beyond the scope of this mail however:

WARNING: if you do this you can't really afford to make a mistake if it
is your only way onto the internet.
With physical access to the machine a person with the right knowledge
can still get in.
For instance, if the BIOS has a password on the machine and you want to
boot off a CDROM what combinations to bypass that measure are available
to you?

Encrypted file systems are an option, costing CPU cycles, thus making
the box slower. This is to say nothing of the cost to convenience if
your hard drive/raid crashes and you need new hardware.
This then creates other issues around your backups, are they to be in
plain text or encrypted, should they be tied to the machine or something

Who will document this process so when the person who sets it up goes
elsewhere, or is sick and something needs to be done and maybe if they
have forgotten how it was done?

How are those instructions to be held?

Are the computers available for people to interact with zero supervision?

What are you trying to protect, workstations or servers?

At what point do you trust your users, if you say you don't trust them
at all, let me point out they do get to use the boxes.

There is no security system that is foolproof, humans make them, they
can be complex, but humans can and will break them.

Perhaps I'll cease before this becomes a full on discussion of IT
security, it seems that someone hit one of my buttons. ;-)


Paul O'Malley
