Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Nov 1999 14:34:16 +0900
From:      "Daniel C. Sobral" <dcs@newsguy.com>
To:        Brian Fundakowski Feldman <green@FreeBSD.org>
Cc:        "Daniel C. Sobral" <dcs@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/boot/forth loader.4th loader.conf.5        support.4th
Message-ID:  <38421058.B86FD092@newsguy.com>
References:  <Pine.BSF.4.10.9911281645000.1550-100000@green.dyndns.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Brian Fundakowski Feldman wrote:
> 
> On Wed, 24 Nov 1999, Daniel C. Sobral wrote:
> 
> > dcs         1999/11/24 09:56:41 PST
> >
> >   Modified files:
> >     sys/boot/forth       loader.4th loader.conf.5 support.4th
> >   Log:
> >   Add silly password feature. If people want to depend on a flawed
> >   security measures, so be it. It costs us almost nothing.
> 
> Can you not find a decent Forth cryptographic hashing function?  It
> would make things a lot less "silly".

That is beside the point. Protecting the boot process gains you
nothing. You either protect the console, or any security measure is
inherently flawed.

The main reason for this sillyness is, I'm ashamed to admit, the
"lilo has it" argument. People think it's cool. Ok, let them.
Coolness factor, if the cost is low, is ok. And, in the end, lilo's
password is also stored as plain-text.

Frankly, if someone comes complaining bitterly about creeping
featurism and the likes, I'm might just as well back it out. :-)
Maybe put the code in /usr/share/examples/bootforth, though people
who like coolness also happens to demand it pre-installed.

--
Daniel C. Sobral			(8-DCS)
who is as social as a wampas

dcs@newsguy.com
dcs@freebsd.org




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38421058.B86FD092>