Date: Wed, 15 Jul 1998 14:36:15 -0500 (CDT) From: "Paul T. Root" <proot@horton.iaces.com> To: romank@graphnet.com (Roman Katsnelson) Cc: jonathan.ruxton@satin.net, freebsd-questions@FreeBSD.ORG Subject: Re: boot -s Message-ID: <199807151936.OAA08541@horton.iaces.com> In-Reply-To: <35ACF326.29AC4C89@graphnet.com> from Roman Katsnelson at "Jul 15, 98 02:21:26 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
In a previous message, Roman Katsnelson said: > Jonathan Ruxton wrote: > > > > Hello - I was wondering if there is an easy way to disable the -s > > (single user mode) option at boot time for security reasons, to prevent > > someone from changing the root password as specified in section 8.20 ( > > Eek! I forgot the root password) of the FAQ? > > Hi. > > I asked that question once (not too long ago) -- it didn't make sense to > me that it should be that easy to change the root passwd. However, you > don't want to disable that option. You probably (hopefully) will never > forget the root password, but (and this is what happenned to me) it _is_ > possible that the machine will give you 'login incorrect' even if you're > a 100% positive it's not. And it makes a lot more sense to be able to > just change the password than to be forced to reinstall. > > As far as security -- single mode can only be done from the machine > itself, so if it's an issue just keep it in a secure place, don't let > people have physical access. Physical security is the way to go here. An intermediate FreeBSD user could easily make a boot floppy with a minimal kernel and a couple of utilities, and break into your machine. > HTH, > Roman > -- > _________________________________________ > | The box said: | > | | > _ | Requirement: Win95, NT 4.0 or better. | _ > / )| |( \ > / / | So I installed FreeBSD. | \ \ > _( (_ | | _) )_ > (((\ \>|_/-) (-\_|</ /))) > (\\\\ \_/ /___________________________________\ \_/ ////) > \ / Email: romank@graphnet.com \ / > \ _/ \_ / > ////// ==================================== \\\\\\ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- The dumber people think you are, the more surprised they're going to be when you kill them. -- William Clayton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807151936.OAA08541>