From owner-freebsd-security Thu Nov 19 15:33:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA07786 for freebsd-security-outgoing; Thu, 19 Nov 1998 15:33:23 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from matrix.42.org (matrix.42.org [194.246.250.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA07781 for ; Thu, 19 Nov 1998 15:33:16 -0800 (PST) (envelope-from sec@42.org) Received: (from sec@localhost) by matrix.42.org (8.8.8/8.8.5) id AAA05300 for freebsd-security@freebsd.org (sender ); Fri, 20 Nov 1998 00:32:46 +0100 (CET) Date: Fri, 20 Nov 1998 00:32:45 +0100 From: Stefan `Sec` Zehl To: freebsd-security@FreeBSD.ORG Subject: no more pty's / lockout Message-ID: <19981120003245.A5204@matrix.42.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.94.10i I-love-doing-this: really Accept-Languages: de, en X-URL: http://sec.42.org/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I just relized, that any user on a system can disable remote logins completely by allocating all available tty's (with xterm p.ex.) Since quite some boxes are remotely adminned, i think this is worth a fix. What about adding a fallback-no-tty-mode to telnetd ? CU, Sec -- Wunder von Microsoft I: Ich habe mal eine Testmaschine nach einer Neuinstallation rebootet. Sie blieb aber mit "No processors found" stehen. -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message