From owner-freebsd-questions  Mon Dec  9 16:17:46 1996
Return-Path: <owner-questions>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id QAA17856
          for questions-outgoing; Mon, 9 Dec 1996 16:17:46 -0800 (PST)
Received: from gdi.uoregon.edu (gdi.uoregon.edu [128.223.170.30])
          by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id QAA17846
          for <freebsd-questions@freefall.freebsd.org>; Mon, 9 Dec 1996 16:17:43 -0800 (PST)
Received: from localhost (dwhite@localhost) by gdi.uoregon.edu (8.8.2/8.6.12) with SMTP id QAA01580; Mon, 9 Dec 1996 16:17:22 -0800 (PST)
Date: Mon, 9 Dec 1996 16:17:22 -0800 (PST)
From: Doug White <dwhite@gdi.uoregon.edu>
Reply-To: dwhite@resnet.uoregon.edu
To: Christoph Kukulies <kuku@gilberto.physik.rwth-aachen.de>
cc: freebsd-questions@freefall.freebsd.org
Subject: Re: xconsole - /dev/console
In-Reply-To: <199612091607.RAA09461@gilberto.physik.rwth-aachen.de>
Message-ID: <Pine.BSI.3.94.961209161556.1382X-100000@gdi.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 9 Dec 1996, Christoph Kukulies wrote:

> Is there a way to allow a normal user to use xconsole or would
> opening /dev/console to the world compromise security?

?  People have to run startx or log into a xdm-controlled terminal, so
they're authenticated.

The console is inherently insecure as the three finger salute works from
there.  They also probably have access to the power switch, so being
really picky about console security isn't very worthwhile unless the
machine is locked in a safe.

Doug White                              | University of Oregon  
Internet:  dwhite@resnet.uoregon.edu    | Residence Networking Assistant
http://gladstone.uoregon.edu/~dwhite    | Computer Science Major