(old)Puppy Linux Discussion Forum

Luluc wrote:

dawg wrote:(1) - Imagine you have a single computer in a household populated by more than 1 person, all sharing that same computer, young kids and/or other computer-nonproficient and possibly naughty users included.
- The computer has a harddrive where a bunch of each user's stuff that doesn't fit on USB flash drives (videos, music...) is stored that none of the users wants screwed with by the rest of the users.
- Running as root will allow screwing with the said files by anyone (else) in the household, whereas having multiple users added to the system and proper access permissions set for each user's files who can then login separately, will not.

If your kids are... erm... curious enough, they could boot from a live CD and still have access to those precious files. Setting up user accounts in Puppy would not prevent that. The best way to prevent that is with encrypted partitions.

Unless one sets the BIOS to only boot from the HDD, and locks it with a password

re: "Unless one sets the BIOS to only boot from the HDD, and locks it with a password"

I am not a security freak, altho I use IceCat as Spot, and have the mandatory minimum security, i.e: NoScript, BetterPrivacy, etc, and I don't mean to rain on your parade, but today's "curious" kiddies know that if you remove+replace the CMOS battery, when you boot up there is no password required and the CMOS sets the BIOS up automatically on modern computers, with CD-boot as the first option.

Don't underestimate your kids.

WindUpToy wrote:re: "Unless one sets the BIOS to only boot from the HDD, and locks it with a password"

I am not a security freak, altho I use IceCat as Spot, and have the mandatory minimum security, i.e: NoScript, BetterPrivacy, etc, and I don't mean to rain on your parade, but today's "curious" kiddies know that if you remove+replace the CMOS battery, when you boot up there is no password required and the CMOS sets itself up automatically on modern computers, usually with CD-booting being the first option.

Don't underestimate your kids.

Well yeah, that obviously isn't gonna work for those, so a different approach may be needed (i.e. authority)

heh heh.

Yup, its us vs them.

Just because they are smarter than us doesn't mean we let them rule.

well, I am chagrined.
I was invited to read the "Gory Details" that Pizzasgood wrote on his experience creating a multiuser puppy distro.

That was NOT a trivial project. And I can now see why creating a PET to do a similar change would be a fruitless endeavor.

I won't say that I would be unhappy to see Puppy become a distro with the multi user facilities built in, but I am no longer advancing the opinion that it *should* be.

I am happy with Puppy on my Dell mini 9 netbook, although I will no longer be using it on my desktop.

I may just have to get rid of ubuntu netbook remix altogether.

I locked the boot with a password, and have set a password for root, on the mini, and I am comfortable enough in 'NIX to know I should never go to a terminal and rm -r stuff. LOL

Thanks for the patient discussion Musher0 and pizzasgood!!

WindUpToy wrote:kiddies know that if you remove+replace the CMOS battery, when you boot up there is no password required and the CMOS sets the BIOS up automatically on modern computers, with CD-boot as the first option.

In my case I don't worry about "kids", and if I power up my system and it does NOT need a password, then I KNOW I have been hacked, cracked and compromised, I can then take steps to minimize the damage, ie, passwords, accounts, etc.

Without that boot protection, I may not know that my data has been compromised.

:-0

WindUpToy wrote:re: "Unless one sets the BIOS to only boot from the HDD, and locks it with a password"

I don't mean to rain on your parade, but today's "curious" kiddies know that if you remove+replace the CMOS battery, when you boot up there is no password required and the CMOS sets the BIOS up automatically on modern computers

True, but instead I would worry about the fact that, assuming the BIOS password will be respected, then no one can use the computer at all except The Great Guardian of the Key, which defeats the purpose of having a multiple account system, which was being discussed.