From owner-freebsd-hackers Sat Jun 28 09:56:18 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA26583 for hackers-outgoing; Sat, 28 Jun 1997 09:56:18 -0700 (PDT) Received: from misery.sdf.com (misery.sdf.com [204.244.210.193]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id JAA26578 for ; Sat, 28 Jun 1997 09:56:15 -0700 (PDT) Received: from tom by misery.sdf.com with smtp (Exim 1.62 #1) id 0wi0k2-0002yO-00; Sat, 28 Jun 1997 09:52:54 -0700 Date: Sat, 28 Jun 1997 09:52:53 -0700 (PDT) From: Tom Samplonius To: Simon Shapiro cc: Bruce Evans , mburgett@cmnsens.zoom.com, freebsd-hackers@freebsd.org Subject: Re: com console, and h/w flow control... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Sat, 28 Jun 1997, Simon Shapiro wrote: ... > > Not only could modem users grab root, as above, if they happen to be on > > when the system is booting, they could simply boot single user. > > This is easily fixed by having DTR stay low until the kernel initializeds > the driver (which is probably what happens now). A properly setup modem > (or terminal server) will not connect until DTR goes true. Then why use the COM console at all, if you won't be able to see the entire boot and be able to control it? Just put a modem on a regular port then... ... > I am thinking of a product definition for hundreds of world-wide > installation. we want a secure remote port. Having a terminal server is a > reasonable way to doit, but it is a SPOF. Buth security and availability > wise. SPOF? How? Normally the console is only used as a last resort, or a backup to a regular network login via ssh/telnet. > Simon > > Tom