From owner-freebsd-hackers Sat Jun 28 00:51:36 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id AAA10456 for hackers-outgoing; Sat, 28 Jun 1997 00:51:36 -0700 (PDT) Received: from misery.sdf.com (misery.sdf.com [204.244.210.193]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id AAA10451 for ; Sat, 28 Jun 1997 00:51:33 -0700 (PDT) Received: from tom by misery.sdf.com with smtp (Exim 1.62 #1) id 0whsEv-0002MS-00; Sat, 28 Jun 1997 00:48:13 -0700 Date: Sat, 28 Jun 1997 00:48:12 -0700 (PDT) From: Tom Samplonius To: Simon Shapiro cc: Bruce Evans , mburgett@cmnsens.zoom.com, freebsd-hackers@freebsd.org Subject: Re: com console, and h/w flow control... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Sat, 28 Jun 1997, Simon Shapiro wrote: > One logs in on the serial console from a modem (or terminal server), > becomes root and the serial connection drops (noisy modem line, etc.). > > At this point ANYONE who dials-in is ROOT! This is not really what the COM console was designed for anyhow. Don't use a modem on it, ever. Not only could modem users grab root, as above, if they happen to be on when the system is booting, they could simply boot single user. Remember, the COM console features give you CONSOLE access, and such access should not be taken lightly! So DON'T use a modem on a COM console. Configure a regular serial port instead. If you need to use the console remotely, and want to use COM console for this, use another FreeBSD box with a null modem cable to the console port. Or, you could use a terminal server for this (this is what I do, mainly because I have a two spare Portmasters). Tom