Date: Thu, 03 Feb 2005 23:24:59 +0000 From: Chris Hodgins <chodgins@cis.strath.ac.uk> To: epilogue <epilogue@allstream.net> Cc: freebsd-questions@freebsd.org Subject: Re: xhost +localhost Message-ID: <4202B2CB.3000402@cis.strath.ac.uk> In-Reply-To: <20050203134948.06fee67a@localhost> References: <ef60af0905020218193eea1fc9@mail.gmail.com> <LOBBIFDAGNMAMLGJJCKNEEDHFAAA.tedm@toybox.placo.com> <ef60af0905020305433c03cc4c@mail.gmail.com> <20050203134948.06fee67a@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
epilogue wrote: > On Thu, 3 Feb 2005 14:43:39 +0100 > Gert Cuykens <gert.cuykens@gmail.com> wrote: > > >>On Thu, 3 Feb 2005 00:32:23 -0800, Ted Mittelstaedt >><tedm@toybox.placo.com> wrote: > > >>>While all of this is very interesting academic, if user Gert is dumb >>>enough to leave the console of his UNIX system accessible then user >>>Ted can come along and power cycle it into single user mode and wipe >>>his disks whether he has the root password or not. > > > While i quite agree with Ted's encouraging Gert to run X as joe user, > rather than root (for a variety of security related reasons) it is a > trivial matter implement a password requirement for boot -s. This way, > even if a user can boot -s, they *must* have the root passwd. > > This implementation does mean, however, that you should not forget the > root passwd, for if you do forget, you will not be able to reset it > via boot -s and passwd. > > /etc/ttys > > # If console is marked "insecure", then init will ask for the root > # password when going to single-user mode. > > console none unknown off insecure > > my 2 cents CAD for the day. > > > cheers, > epi > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > If you have local access to a machine, you can easily get access...password or not. Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4202B2CB.3000402>