Re: [Devil-Linux-discuss] TimeDicer

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 11/06/10 13:34, Dominic Raferd wrote:
> On 06/11/2010 11:50, Dick Middleton wrote:

> TS-O-Matic website allows you to build your thin client online and then
> download it to use.

Yes, I discovered that later.  It's smart isn't it.

> I'm interested in the security aspect of running from ramdisk. Do you
> boot the system and then remove the cd/flash drive?

Yes.  I have 2 partitions on my usb stick.  One for the boot iso and the 
other for storing the config file.

  Is this safer than
> having boot system and config on CD,

Safer? no.  It's just I don't have a cd drive anymore.  A cd drive is 
not ideal for being left for a long time unused.  My DL has no moving 
parts. It runs typically for a year without rebooting (power fail 
usually gets it sometime :( )

or on flash drive with a physical
> lock (whether or not config is on the boot partition)? (In all cases it
> is vulnerable to someone with physical access to the machine.)

Sure.  The problem with usb stick is that they're a bit vulnerable to 
being knocked and being pulled out.  I guess an sd card reader would be OK.

As for physical access, well yes. However, for better or for worse, 
with only volatile storage attached if the system goes down then it's 
down and gone until somebody comes along with boot media.

The read-only root fs is DL's big differentiator; might as well make the 
most of it.

Dick