%META:TOPICINFO{author="ChrisBartram" date="1149834548" format="1.1" version="1.1"}%
%META:TOPICPARENT{name="Hp3000ShopSecurity"}%
Access to a logged on system console gives the perpetrator access to all the capabilities and data that the owner of the logon has. Many shops often leave the console logged on as OPERATOR.SYS (or equivalent) OP capability user. For this reason alone, securing physical access to the system console is important.

Anyone with physical access to the "logical" system console (which need not be ldev 20 -- the logical console can be pointed to any physical terminal or logged on network session) can at a minimum shut down the system. =SHUTDOWN cannot be disabled via the logical console.

Anyone with physical access to the "physical" system console device has access (by hitting control-B) to the ISL prompt on MPE/iX PA-RISC HP3000s. Shutting down or restarting the system, as well as other destructive tasks can be accomplished.



-- Main.ChrisBartram - 09 Jun 2006