rcedelman@comcast.net wrote:

>Sorry for the top-posting, but oh well.
>
>The "nosuid" mount option is nice, but it's not a default. You can mount "noexec" too for that 
matter. But again, with physical access to the machine, what is to top someone from rebooting and 
passing say "init=/bin/ash" as a kernel parameter? BOOM! Instant root. Granted, no GUI, but it's 
all there, and it's all free for the taking.
>
>

And that supports the automounting is bad idea... how?