From owner-freebsd-questions@FreeBSD.ORG Fri Apr 23 04:45:10 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0339C16A4CE for ; Fri, 23 Apr 2004 04:45:10 -0700 (PDT) Received: from mtaw6.prodigy.net (mtaw6.prodigy.net [64.164.98.56]) by mx1.FreeBSD.org (Postfix) with ESMTP id BBDA943D39 for ; Fri, 23 Apr 2004 04:45:09 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (4eed4ca8b0e323a60da1b4f80b36d56a@adsl-67-115-73-128.dsl.lsan03.pacbell.net [67.115.73.128]) by mtaw6.prodigy.net (8.12.10/8.12.10) with ESMTP id i3NBhupT012183; Fri, 23 Apr 2004 04:43:57 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id C248A52346; Fri, 23 Apr 2004 04:45:08 -0700 (PDT) Date: Fri, 23 Apr 2004 04:45:08 -0700 From: Kris Kennaway To: MaXX Message-ID: <20040423114508.GA12087@xor.obsecurity.org> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="LQksG6bCIzRHxTLp" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i cc: freebsd-questions@FreeBSD.org Subject: Re: Possible security hole in FreeBSD 4.8-RELEASE???? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Apr 2004 11:45:10 -0000 --LQksG6bCIzRHxTLp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Fri, Apr 23, 2004 at 01:38:47PM +0200, MaXX wrote: > Good afternoon, > I have installed FreeBSD 4.8Release on a machine to experiment settings > before attempting to place them on my "server". Due to a problem with the > port system on this machine I decided to reinstall only the port system via > sysinstall, during the process, I switched to anoter console (ttyv3) and > login as root, the password was not asked... You're asked to choose the root password when you first install the system. If you choose not to set it, then the account will have no password. By default you still cannot log in remotely to the root account, or to accounts without passwords. Kris --LQksG6bCIzRHxTLp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAiQHEWry0BWjoQKURAuYCAJ9mYUwtySBZLvDe/eMvEFGvYaQzZACdERIQ pO19zURN/z4IvMF/NY+ut/4= =F1ZV -----END PGP SIGNATURE----- --LQksG6bCIzRHxTLp--