[Server-devel] xs-otp: one time passwords for the XS
Martin Langhoff
martin.langhoff at gmail.com
Sun Oct 26 11:46:17 EDT 2008
On Fri, Oct 24, 2008 at 7:33 PM, Michael Stone <michael at laptop.org> wrote:
> Do the XS installation instructions offer any guidance on prohibiting
> booting with init=/bin/bash, booting from external media, or simply
> removing the XS hard drive and manipulating it from a separate machine?
"Physical security is not our problem"... (at least yet). If an XS
deployment can do really custom hw, then we can help them use a scheme
similar to what we have on the XO to only boot signed images, to
controlled runlevels, etc.
But that's unlikely to happen in the near future (AFAIK), so any
deployment that wants safety for their XSs will want to consider
physical security a must.
cheers,
m
--
martin.langhoff at gmail.com
martin at laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff
More information about the Server-devel
mailing list