From owner-freebsd-questions@FreeBSD.ORG  Fri Apr 23 04:45:10 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0339C16A4CE
	for <freebsd-questions@FreeBSD.org>;
	Fri, 23 Apr 2004 04:45:10 -0700 (PDT)
Received: from mtaw6.prodigy.net (mtaw6.prodigy.net [64.164.98.56])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BBDA943D39
	for <freebsd-questions@FreeBSD.org>;
	Fri, 23 Apr 2004 04:45:09 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: from obsecurity.dyndns.org
	(4eed4ca8b0e323a60da1b4f80b36d56a@adsl-67-115-73-128.dsl.lsan03.pacbell.net
	[67.115.73.128])
	by mtaw6.prodigy.net (8.12.10/8.12.10) with ESMTP id i3NBhupT012183;
	Fri, 23 Apr 2004 04:43:57 -0700 (PDT)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id C248A52346; Fri, 23 Apr 2004 04:45:08 -0700 (PDT)
Date: Fri, 23 Apr 2004 04:45:08 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: MaXX <admsrv_maxx@hotmail.com>
Message-ID: <20040423114508.GA12087@xor.obsecurity.org>
References: <BAY16-DAV15Y0W9PMy50002ca5d@hotmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="LQksG6bCIzRHxTLp"
Content-Disposition: inline
In-Reply-To: <BAY16-DAV15Y0W9PMy50002ca5d@hotmail.com>
User-Agent: Mutt/1.4.2.1i
cc: freebsd-questions@FreeBSD.org
Subject: Re: Possible security hole in FreeBSD 4.8-RELEASE????
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Apr 2004 11:45:10 -0000


--LQksG6bCIzRHxTLp
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Fri, Apr 23, 2004 at 01:38:47PM +0200, MaXX wrote:
> Good afternoon,
>     I have installed FreeBSD 4.8Release on a machine to experiment settings
> before attempting to place them on my "server". Due to a problem with the
> port system on this machine I decided to reinstall only the port system via
> sysinstall, during the process, I switched to anoter console (ttyv3) and
> login as root, the password was not asked...

You're asked to choose the root password when you first install the
system.  If you choose not to set it, then the account will have no
password.  By default you still cannot log in remotely to the root
account, or to accounts without passwords.

Kris

--LQksG6bCIzRHxTLp
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAiQHEWry0BWjoQKURAuYCAJ9mYUwtySBZLvDe/eMvEFGvYaQzZACdERIQ
pO19zURN/z4IvMF/NY+ut/4=
=F1ZV
-----END PGP SIGNATURE-----

--LQksG6bCIzRHxTLp--