Date: Fri, 27 Dec 2002 20:02:24 +0100 From: Pawel Jakub Dawidek <nick@garage.freebsd.pl> To: freebsd-hackers@freebsd.org Subject: Login directly as root. Message-ID: <20021227190224.GA29966@prioris.mini.pw.edu.pl>
next in thread | raw e-mail | index | archive | help
Hello hackers... I'm wondering why there is "insecure" options in /etc/ttys for virtual consoles. As we all know, "insecure" for ttyvX means that we can't directly log in as root, but "insecure" for console field in /etc/ttys means only that we will be asked for root's password in single mode. Hmm, if I got psyhical access to machine and ttyvX are in "insecure" mode and I know root's password I can just reboot machine and log in as root. So if "insecure" mode is a security feature, shouldn't this be in that way (in single mode): Login: <wheel group member> Password: <wheel group member's password> Root's password: <root's password> ? -- Pawel Jakub Dawidek UNIX Systems Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021227190224.GA29966>