Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 02 Dec 1999 22:18:17 +0100
From:      Mattias Pantzare <pantzer@ludd.luth.se>
To:        "Daniel C. Sobral" <dcs@newsguy.com>
Cc:        Brian Fundakowski Feldman <green@FreeBSD.ORG>, "Daniel C. Sobral" <dcs@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject:   Re: cvs commit: src/sys/boot/forth loader.4th loader.conf.5 support.4th 
Message-ID:  <199912022118.WAA16952@zed.ludd.luth.se>
In-Reply-To: Message from "Daniel C. Sobral" <dcs@newsguy.com>  of "Mon, 29 Nov 1999 14:34:16 %2B0900." <38421058.B86FD092@newsguy.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
> Brian Fundakowski Feldman wrote:
> > 
> > On Wed, 24 Nov 1999, Daniel C. Sobral wrote:
> > 
> > > dcs         1999/11/24 09:56:41 PST
> > >
> > >   Modified files:
> > >     sys/boot/forth       loader.4th loader.conf.5 support.4th
> > >   Log:
> > >   Add silly password feature. If people want to depend on a flawed
> > >   security measures, so be it. It costs us almost nothing.
> > 
> > Can you not find a decent Forth cryptographic hashing function?  It
> > would make things a lot less "silly".
> 
> That is beside the point. Protecting the boot process gains you
> nothing. You either protect the console, or any security measure is
> inherently flawed.

That depends on the enviroment. It is very easy to spot a student 
that breaks the lock that secures the computer in our labs. It is not easy to 
spot a student that boots a diffrent kernel.

But I have to agree in that a plain text password is bad.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199912022118.WAA16952>