Ahmed Kamal wrote:
> oh! No, the hardware is *not* my concern. It's the data! Let me quickly
> recap. Let's try points this time
>
> - The Linux system I build will be on someone else's network (mostly other
> potentially hostile companies)
> - The system provides a web interface to a database that users should access
> & use
> - The users should not be able to steal/mount the disk, to dump my database
> or look at my code
> - I know such setup will never be 100% secure, I just need to make stealing
> the data as hard as possible
>
> Hope that's clear. I apologize if I was not too clear earlier


Nothing you've said so far tells me why you must have confidential data
on local storage or why you can't run these "kiosk" machines of a server
located in a secure location.



>
> On Jan 18, 2008 5:46 PM, J E <jef_umd@(protected):
>
>> On Jan 18, 2008, at 10:27 AM, John Summerfield wrote:
>>
>>> Ahmed Kamal wrote:
>>>> Perhaps I misused the word "kiosk" and was not clear describing the
>>>> role of
>>>> the nodes. They will not be on my network. They will be on someone
>>>> else's
>>>> network (some other company, or some other organization). The nodes
>>>> will be
>>>> providing network services (Custom databases, accessible through a
>>>> browser),
>>>> sometimes some ldap services.
>>>> Again, the people around the machine should use it as intended, no
>>>> one
>>>> should be able to steal/mount the disk to dump data (at least not
>>>> easily)
>>> I think we need better information about the problem you're trying
>>> to solve.
>>
>> Agreed. If your main worry is that the hardware will be stolen, cheap
>> hardware abounds in the marketplace. I'd not invest heavily in systems
>> that aren't going to be monitored - probably better to treat them as
>> throwaways if you aren't going to lock them in some form of cabinet.
>> And don't rule out hardware terminal servers like those available from
>> HP starting at $200.
>>
>> If it's the data that you are worried about, the fact that you have to
>> ask how best to protect it should tell you that doing it with local
>> storage is probably a very bad idea.
>>
>> jef
>>
>> _______________________________________________
>> rhelv5-list mailing list
>> rhelv5-list@(protected)
>> https://www.redhat.com/mailman/listinfo/rhelv5-list
>>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> rhelv5-list mailing list
> rhelv5-list@(protected)
> https://www.redhat.com/mailman/listinfo/rhelv5-list


--

Cheers
John

-- spambait
1aaaaaaa@(protected)
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

_______________________________________________
rhelv5-list mailing list
rhelv5-list@(protected)
https://www.redhat.com/mailman/listinfo/rhelv5-list