From owner-freebsd-bugs Mon May 3 20: 0:10 1999 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id F37EE14FE2 for ; Mon, 3 May 1999 20:00:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id UAA10393; Mon, 3 May 1999 20:00:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Date: Mon, 3 May 1999 20:00:02 -0700 (PDT) Message-Id: <199905040300.UAA10393@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Matthew Hunt Subject: Re: misc/11475: Possible security hazard? Reply-To: Matthew Hunt Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR misc/11475; it has been noted by GNATS. From: Matthew Hunt To: "G. Adam Stanislav" Cc: FreeBSD-gnats-submit@freebsd.org Subject: Re: misc/11475: Possible security hazard? Date: Mon, 3 May 1999 19:58:58 -0700 On Mon, May 03, 1999 at 09:52:40PM -0500, G. Adam Stanislav wrote: > I still think it would make sense if *by default* this were set up so it > only works for the superuser and only available to the regular user if the > administrator changes the defaults. Anyway, it's no big deal... I don't have much of an opinion on this issue. I think that the default, as-is, is consistent with the notion that if you're going to allow users to sit at the console, you have to do some extra work (lock up the case, etc.) to make it more secure. But you do have a valid point that a different default behavior could prevent accidental reboots. I closed the PR just before getting your email with clarified your position. If you want it re-opened, let me know, but I'm too ambivalent to be the one who makes the change. :-) -- Matthew Hunt * Inertia is a property http://www.pobox.com/~mph/ * of matter. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message