Date: Wed, 29 Nov 1995 18:06:13 -0700 (MST) From: Terry Lambert <terry@lambert.org> To: nate@rocky.sri.MT.net (Nate Williams) Cc: terry@lambert.org, p.richards@elsevier.co.uk, freebsd-current@FreeBSD.ORG Subject: Re: schg flag on make world in -CURRENT Message-ID: <199511300106.SAA29264@phaeton.artisoft.com> In-Reply-To: <199511300043.RAA22160@rocky.sri.MT.net> from "Nate Williams" at Nov 29, 95 05:43:07 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > > I see some merit though in preventing root access period from insecure > > > pty's. If it was an added security level I'd be in favour of it. There > > > are machines where I'd like to disable remote root access completely. > > > > Good idea. If you bump the secure level, you have to use a secure line > > to enter the root password. This satisfy everyone? > > I think that's fair enough. If I hear you correctly, you'd have to > modify 'su' to only run on secure terminals if you are the non-default > secure level? Yes. A sysctl could return the information. You fail the check at the "wheel" group check in "su". Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511300106.SAA29264>