[ previous ] [ next ] [ threads ]
 
 From:  Dana Spiegel <dana at sociableDESIGN dot com>
 To:  <EXT dash Mike dot Bradshaw at nokia dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] m0n0wall feature request
 Date:  Fri, 23 Jan 2004 08:38:38 -0500 
I understand the security feature of this argument, but couldn't this 
be a simple checkbox & reboot feature:

* Enable shell on console (requires reboot)

Which could be turned _off_ by default?

Dana Spiegel
sociableDESIGN  ::  www.sociableDESIGN.com
123 Bank Street, Suite 510, New York, NY 10014
m  +1 917 402 0422  ::  f  +1 760 454 3690  ::  
e  dana at sociableDESIGN dot com

On Jan 23, 2004, at 7:06 AM, <EXT dash Mike dot Bradshaw at nokia dot com> wrote:

>>
>> As would the ability to log out of the console and have it wait for a
>> login - it doesn't appear secure when it is constantly
>> sitting there on a logged in account.
>>
>
> if someone has physical access to your Firewall console you are pretty 
> much screwed right there.
> a simple console login is *SO* easy to defeat that it just not funny 
> (if you have physical access)
> Personally i think that the fact you ONLY have the m0n0 menu on the 
> console, no tty, no shell etc makes it MORE secure