From owner-freebsd-questions  Thu May  3 15:56:52 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from hotmail.com (f21.law11.hotmail.com [64.4.17.21])
	by hub.freebsd.org (Postfix) with ESMTP id 0BBEF37B423
	for <questions@freebsd.org>; Thu,  3 May 2001 15:56:49 -0700 (PDT)
	(envelope-from burnscharlesn@hotmail.com)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
	 Thu, 3 May 2001 15:56:48 -0700
Received: from 157.242.222.105 by lw11fd.law11.hotmail.msn.com with HTTP;	Thu, 03 May 2001 22:56:48 GMT
X-Originating-IP: [157.242.222.105]
From: "Charles Burns" <burnscharlesn@hotmail.com>
To: questions@freebsd.org
Subject: OT: FreeBSD Security tip
Date: Thu, 03 May 2001 15:56:48 -0700
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F21lbpH71yEXUIEAOeI000043df@hotmail.com>
X-OriginalArrivalTime: 03 May 2001 22:56:48.0583 (UTC) FILETIME=[5590AD70:01C0D424]
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I have a quick security tip. Not that I am of the calibre of expertise to 
make any recommendations to most of the people on this list, but this is 
fairly subtle and may not have been thought of by some.
This is also for the FreeBSD newbie admins that may browse this list but not 
post.
If there is a more appropriate place for this, or if it is completely 
obvious, please flame me and then set your software to ignore future 
messages from this email address after subscribing me to several hundred of 
your favorite Spam(R) lists.

I have noticed that, with significant frequency, users in the "wheel" group 
make mistakes when typing in the root password such that all or part of the 
root password is actually typed onto the command-line rather than into su's 
input buffer.
This happens occasionally when initially logging in as well.

To prevent a potential snoop from looking at command logs or scrolling up IF 
at the local terminal (which is a security problem in and of itself) I set 
all users logoff scripts to delete their command log and clear the screen.

Every little bit helps. :-P
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message