Quoting Arnt Gulbrandsen (arnt@???):

> Reminds me of the story about the airline captain who took the mike
> to apologise to the passengers for a delay: "I was held up in the
> security control, they were worried that I might seize control of
> the airplane."

Funny that you should mention that: You might actually have seen that
tale as related by _me_ on Risks Digest.

http://catless.ncl.ac.uk/Risks/25.01.html#subj8

> Imagine a host with hundreds of simultaneous users, such as (say) a
> >shared ISP machine. You would absolutely not want just anyone to be
> >able to shutdown or reboot the machine at will. Tberefore, the
> >conventional solution to this problem is to require membership in a
> >bespoke group for shutdown/reboot rights.

> I believe the conventional solution is to locate such hardware
> behind locked doors and make sure few people have access to the
> power cables.

Yes, mostly. It would be rare to permit physical console access (other
than by highly trusted people) on a shared ISP machine or anything like
that. In edge cases -- which really isn't likely -- one _might_ imagine
a server that does significant work for remote users and simultaneously
regular users were permitted use of a local console.

As I mentioned about the San Francisco cybercafe's NFS/NIS master,
_that_ host was physically in a locked room upstairs but the keyboard
and monitor were deliberately accessible to the public downstairs -- as
an example.

Obviously rare, though.