True Story
Give an untrusted person physical access to a machine and you're pwned.
That's been the story for decades. Modern enhancements make it more
difficult but all bets are off when a bad person has physical access to
the hardware. 
Even if they don't actually obtain access to the unencrypted data on
the hardware, your recovery is only as good to when you last had a good
backup if you end up with missing hardware.
Misconfigure the VM or the container or access to your platform and
physical access to the hardware takes on a new meaning.
If I can create a container on your hardware, I may have physical
access to your hardware.
See https://blog.jessfraz.com/post/docker-containers-on-the-desktop/
Specifically look at #7 Gparted
Modern technologies have opened new vectors and closed old vectors for
pwning your stuff.
Stay vigilant.
On Wed, 2017-09-13 at 12:10 -0500, Clug wrote:
> The thing is, if someone has physical access to your machine,
> they've 
> pretty much bypassed 99% of any security measures you have. This is
> not 
> new and not unknown; most people simply ignore that because who's
> going to 
> go into your house with a USB stick just to boot your computer?
> 
> That said, there are many ways to block this. You can have a boot
> password 
> right in the BIOS. Then nobody can boot your machine. You can also
> block 
> booting from CD or USB in the BIOS and put a password on the BIOS
> setup.
> 
> Course, that means someone can just steal your harddrive and plug
> that 
> into another computer. This is where full-disk ecryption comes in.
> 
> If that's too much for you, most Linux distros will let you encrypt
> your 
> homedir.
> 
> 
> 
> On Wed, 13 Sep 2017, Rick Engebretson wrote:
> 
> > 
> > As I play around backing up, upgrading, and what-not, I use 
> > not-so-hotswappable hard disk drives. Sometimes I goof up and have
> > a bad 
> > /etc/fstab file and the system will hang at boot. In older distros
> > there were 
> > some instructions to boot to root and use "mc" to edit /etc/fstab.
> > This newer 
> > opensuse distro had me stumped how to just get the filesystem
> > going.
> > 
> > So I tried the Fedora Live DVD and booted to DVD, mounted the boot
> > hard drive 
> > in KDE "dolphin" file manager, opened the KDE editor "kwrite,"
> > edited and 
> > saved the system file /etc/fstab, and rebooted the opensuse hard
> > drive smooth 
> > as silk.
> > 
> > I might be wrong, but these Linux Live DVDs seem to open a giant
> > security 
> > hole.
> > _______________________________________________
> > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> > tclug-list at mn-linux.org
> > http://mailman.mn-linux.org/mailman/listinfo/tclug-list
> > 
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> tclug-list at mn-linux.org
> http://mailman.mn-linux.org/mailman/listinfo/tclug-list
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20170913/e9d19a8d/attachment.html>