From owner-freebsd-current Thu Nov 30 11:59:33 1995 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id LAA17422 for current-outgoing; Thu, 30 Nov 1995 11:59:33 -0800 Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id LAA17399 for ; Thu, 30 Nov 1995 11:59:16 -0800 Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id MAA01295; Thu, 30 Nov 1995 12:46:35 -0700 From: Terry Lambert Message-Id: <199511301946.MAA01295@phaeton.artisoft.com> Subject: Re: schg flag on make world in -CURRENT To: jgreco@brasil.moneng.mei.com (Joe Greco) Date: Thu, 30 Nov 1995 12:46:35 -0700 (MST) Cc: terry@lambert.org, jkh@time.cdrom.com, joerg_wunsch@uriah.heep.sax.de, freebsd-current@freebsd.org In-Reply-To: <199511301825.MAA01422@brasil.moneng.mei.com> from "Joe Greco" at Nov 30, 95 12:25:45 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 943 Sender: owner-current@freebsd.org Precedence: bulk > So I have several networks that I would consider to be secure because there > is minimal (or no) connectivity to the outside world. Maybe I don't > necessarily care if I can log in as root, but would at least like to be able > to su, knowing full well that the likelihood of my passwords being > intercepted was minimal at best... :-) > > How does this deal with that? As I said originally, sometimes perhaps you > just have to trust that root knows what the deal is... and have good root > passwords ;-) I should think that would be obvious; Drop the system secure level. How far you drop it depends on whether you think you should have to shut down to single user mode to modify "system critical" files if you are already in a secure environment. Personally, in that sitaution, I'd pick -1. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.