From owner-cvs-all Thu Dec 2 13:21:11 1999 Delivered-To: cvs-all@freebsd.org Received: from zed.ludd.luth.se (zed.ludd.luth.se [130.240.16.33]) by hub.freebsd.org (Postfix) with ESMTP id 2A04D14F01; Thu, 2 Dec 1999 13:20:58 -0800 (PST) (envelope-from pantzer@speedy.ludd.luth.se) Received: from speedy.ludd.luth.se (pantzer@speedy.ludd.luth.se [130.240.16.164]) by zed.ludd.luth.se (8.8.5/8.8.5) with ESMTP id WAA16952; Thu, 2 Dec 1999 22:18:18 +0100 Message-Id: <199912022118.WAA16952@zed.ludd.luth.se> X-Mailer: exmh version 2.0.1 12/23/97 To: "Daniel C. Sobral" Cc: Brian Fundakowski Feldman , "Daniel C. Sobral" , cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/sys/boot/forth loader.4th loader.conf.5 support.4th In-Reply-To: Message from "Daniel C. Sobral" of "Mon, 29 Nov 1999 14:34:16 +0900." <38421058.B86FD092@newsguy.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 02 Dec 1999 22:18:17 +0100 From: Mattias Pantzare Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk > Brian Fundakowski Feldman wrote: > > > > On Wed, 24 Nov 1999, Daniel C. Sobral wrote: > > > > > dcs 1999/11/24 09:56:41 PST > > > > > > Modified files: > > > sys/boot/forth loader.4th loader.conf.5 support.4th > > > Log: > > > Add silly password feature. If people want to depend on a flawed > > > security measures, so be it. It costs us almost nothing. > > > > Can you not find a decent Forth cryptographic hashing function? It > > would make things a lot less "silly". > > That is beside the point. Protecting the boot process gains you > nothing. You either protect the console, or any security measure is > inherently flawed. That depends on the enviroment. It is very easy to spot a student that breaks the lock that secures the computer in our labs. It is not easy to spot a student that boots a diffrent kernel. But I have to agree in that a plain text password is bad. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message