From owner-freebsd-questions  Sun Jun 28 02:15:44 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id CAA21584
          for freebsd-questions-outgoing; Sun, 28 Jun 1998 02:15:44 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from esmeralda.xaa.iae.nl (root@esmeralda.xaa.iae.nl [194.151.75.9])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA21351
          for <freebsd-questions@FreeBSD.ORG>; Sun, 28 Jun 1998 02:13:38 -0700 (PDT)
          (envelope-from freebsd@xaa.iae.nl)
Received: from ariel.xaa.iae.nl (ariel.xaa.iae.nl [194.151.75.10])
	by esmeralda.xaa.iae.nl (8.8.8/8.8.7) with ESMTP id LAA02606;
	Sun, 28 Jun 1998 11:05:32 +0200 (MET DST)
	(envelope-from freebsd@xaa.iae.nl)
Received: by ariel.xaa.iae.nl (VMailer, from userid 1008)
	id 45541AE63; Sun, 28 Jun 1998 11:05:31 +0200 (CEST)
Message-ID: <19980628110531.A288@xaa.iae.nl>
Date: Sun, 28 Jun 1998 11:05:31 +0200
From: Mark Huizer <xaa@stack.nl>
To: Roman Katsnelson <romank@graphnet.com>, freebsd-questions@FreeBSD.ORG
Subject: Re: root passwd
References: <35915453.F1326936@graphnet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.91.1i
In-Reply-To: <35915453.F1326936@graphnet.com>; from Roman Katsnelson on Wed, Jun 24, 1998 at 03:32:36PM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> b) if it DOES work -- itsn't it a serious security issue that anyone
> with the access to the FAQ (which is every literate person in the
> world!) can get root password? i know that it's probably not, but i
> would just like to be explained WHY not, if possible.
> 

It depends on how secure you want your console to be. For most machines
the console is assumed secure, and booting in single user mode can be
done safely. For machines which have insecure consoles (computer labs,
whatever...), you can edit /etc/ttys, and change the 'secure' in the
console line to 'insecure', which results in being asked for a password
if you want to enter single user mode.

Mark
-- 
Nice testing in little China...

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message