Date: Mon, 3 May 1999 22:14:46 -0500 From: Chris Costello <chris@holly.dyndns.org> To: "G. Adam Stanislav" <adam@whizkidtech.net> Cc: freebsd-bugs@FreeBSD.ORG Subject: Re: misc/11475: Possible security hazard? Message-ID: <19990503221445.E10291@holly.dyndns.org> In-Reply-To: <199905040300.UAA10378@freefall.freebsd.org>; from G. Adam Stanislav on Mon, May 03, 1999 at 08:00:01PM -0700 References: <199905040300.UAA10378@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 3, 1999, G. Adam Stanislav wrote: > The following reply was made to PR misc/11475; it has been noted by GNATS. > > From: "G. Adam Stanislav" <adam@whizkidtech.net> > To: Matthew Hunt <mph@astro.caltech.edu> > Cc: FreeBSD-gnats-submit@FreeBSD.ORG > Subject: Re: misc/11475: Possible security hazard? > Date: Mon, 3 May 1999 21:52:40 -0500 > > On Mon, May 03, 1999 at 06:33:07PM -0700, Matthew Hunt wrote: > > > While only a superuser can execute the reboot command, any user can > > > accomplish the same thing by pressing ctl-alt-delete. > > > > Not a bug. A local user can also hit the reset button or kill > > the power or do pretty much anything else. Physical security is > > your friend. Don't let untrusted people hang out at the console. > > I think there is a difference: You can lock up the CPU, thus preventing > access to the reset button and the plug, but you cannot lock up the console. > If you are teaching people how to use computers in a class, they can press > the ctl-alt-del combination because they do not know any better (especially > if they come from Windows background), not because they are malicious or > untrusted. If you're teaching computers in a class, then you first must know computers, and specifically the OS you're teaching. Otherwise it would be something like a 6 year old teaching a 15 year old how to drive. > > > If you don't want this behavior, edit the keymap that you're > > using. See (I think) /usr/share/syscons/keymaps/. It is easily > > changed. > > OK, thanks. It is really not a problem for me, I simply noticed it, and was > trying to be helpful by reporting it. I am glad to hear it can be changed. :-) > I still think it would make sense if *by default* this were set up so it > only works for the superuser and only available to the regular user if the > administrator changes the defaults. Anyway, it's no big deal... > > Thanks, > > Adam > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-bugs" in the body of the message > -- Chris Costello <chris@calldei.com> 'Profanity: the universal programming language' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990503221445.E10291>