Date: Mon, 16 Nov 1998 11:47:44 -0700 From: Warner Losh <imp@village.org> To: Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu> Cc: Terry Lambert <tlambert@primenet.com>, freebsd-security@FreeBSD.ORG Subject: Re: Would this make FreeBSD more secure? Message-ID: <199811161847.LAA05123@harmony.village.org> In-Reply-To: Your message of "Mon, 16 Nov 1998 11:06:56 EST." <0qI4qUS00YUq09JbU0@andrew.cmu.edu> References: <0qI4qUS00YUq09JbU0@andrew.cmu.edu> <199811151758.JAA15108@apollo.backplane.com> <199811152257.PAA02868@usr05.primenet.com> <19981116073914.F969@internal>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <0qI4qUS00YUq09JbU0@andrew.cmu.edu> Thomas Valentino Crimi writes: : Let's not forget that without cracking the password of a 'wheel' : member, su is still not going to let them in. If you have no wheel : members (ie, you only allow root access from console) all the password : cracking in the world isn't going to give them root. (of course, with a : whole lot password cracking they'll have the password to every account : on your box). Unless you have something like sudo installed on your machine. Then all you need to do is crack one account to have root. However, if you don't have non-ssh logins enabled (and require that ssh logins come from keys rather than just the password in the password file), then you might be safe. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811161847.LAA05123>