From owner-freebsd-security Wed Apr 12 09:42:03 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id JAA17280 for security-outgoing; Wed, 12 Apr 1995 09:42:03 -0700 Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id JAA17274 for ; Wed, 12 Apr 1995 09:41:57 -0700 Received: by halloran-eldar.lcs.mit.edu; id AA07111; Wed, 12 Apr 1995 12:41:14 -0400 Date: Wed, 12 Apr 1995 12:41:14 -0400 From: Garrett Wollman Message-Id: <9504121641.AA07111@halloran-eldar.lcs.mit.edu> To: Mr D Whitehead (Ext 2703) Cc: freebsd-security@FreeBSD.org Subject: FreeBSD Security Problem? In-Reply-To: <9326.9504121533@sol.sees.bangor.ac.uk> References: <9326.9504121533@sol.sees.bangor.ac.uk> Sender: security-owner@FreeBSD.org Precedence: bulk < said: > One ancient and major problem seems to exist (unless I have missed > something or it has already been altered) and that is the reboot to > single user. No password, nothing, just a root shell to do with as > you wish. >From /etc/ttys: ------------------------------------ # This entry needed for asking password when init goes to single-user mode # If you want to be asked for password, change "secure" to "insecure" here console none unknown off secure ------------------------------------ -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant