Date: Wed, 15 Jul 1998 20:45:24 +0200 From: Johann Visagie <wjv@cityip.co.za> To: Roman Katsnelson <romank@graphnet.com>, Jonathan Ruxton <jonathan.ruxton@satin.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: boot -s Message-ID: <19980715204524.B17838@cityip.co.za> In-Reply-To: <35ACF326.29AC4C89@graphnet.com>; from Roman Katsnelson on Wed, Jul 15, 1998 at 02:21:26PM -0400 References: <35ACE569.284797A9@satin.net> <35ACF326.29AC4C89@graphnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 Jul 1998 at 14:21 SAT, Roman Katsnelson wrote: > Jonathan Ruxton wrote: > > > > Hello - I was wondering if there is an easy way to disable the -s > > (single user mode) option at boot time for security reasons, to prevent > > someone from changing the root password as specified in section 8.20 ( > > Eek! I forgot the root password) of the FAQ? > > Hi. > > I asked that question once (not too long ago) -- it didn't make sense to > me that it should be that easy to change the root passwd. However, you Well, a machine can never be secure from the console. Even if you could disable -s, someone could still boot from a floppy, mount your root filesystem, and change root's password. Moral: Don't allow free access to the console. Ever. -- V Johann Visagie | Email: wjv@CityIP.co.za | Tel: +27 21 419-7878 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980715204524.B17838>