Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 01 Aug 1995 17:20:11 -0700
From:      Paul Traina <pst@shockwave.com>
To:        "Jordan K. Hubbard" <jkh@time.cdrom.com>
Cc:        "Jordan K. Hubbard" <jkh@freefall.cdrom.com>, CVS-commiters@freefall.cdrom.com, cvs-libexec@freefall.cdrom.com
Subject:   Re: cvs commit: src/libexec/getty gettytab.5 main.c 
Message-ID:  <199508020020.RAA00991@precipice.shockwave.com>
In-Reply-To: Your message of "Tue, 01 Aug 1995 17:13:58 PDT." <1005.807322438@time.cdrom.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
FreeBSD 2.0, eh?  Gee, that means bug X, Y, and Z are most likely present.

The -best- thing to present to a user before they login is:
"Username:" or "login:" and nothing else.

In fact, one of those big VM/370 banners is a good idea... lie.

The idea here is that people don't need, and shouldn't be able to get
any excess information about your system without authenticating first.

The more I know about your system, the more likely I can break into it.
Especially if it is a FreeBSD 2.x machine when 2.x has been obsolete for
3 or 4 years and I happen to have a list of bugs that were fixed 2 years
ago but this machine hasn't been updated.

Shit happens.  Let's not make it any easier for the bad guys.

  From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
  Subject: Re: cvs commit: src/libexec/getty gettytab.5 main.c 
  And why not?
  
  > This is pretty bogus (IMO).  This is absolutely positivel NOT the sort of
  > information you want to present to a user before they've logged in.
  > 
  > Paul
  > 
  >   From: "Jordan K. Hubbard" <jkh@freefall.cdrom.com>
  >   Subject: cvs commit: src/libexec/getty gettytab.5 main.c
  >   jkh         95/08/01 06:12:25
  >   
  >     Modified:    libexec/getty  gettytab.5 main.c
  >     Log:
  >     A useful aid..  Add support for:
  >     
  >     	%r:	current release
  >     	%m:	machine architecture type (i386 for now)
  >     	%s:	OS name (FreeBSD)
  >     
  >     from uname() in banner string.
  



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199508020020.RAA00991>