Date: 19 Oct 1999 12:39:14 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: freebsd-security@freebsd.org Subject: Re: allowing telnet from locked terminal Message-ID: <86puybhepp.fsf@localhost.hell.gr> In-Reply-To: Mike Nowlin's message of "Tue, 19 Oct 1999 01:41:11 -0400 (EDT)" References: <Pine.LNX.4.05.9910190130290.2563-100000@jason.argos.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Nowlin <mike@argos.org> writes: > 1) Make a note of the current VC and (if applicable) the user logged in > on it > 2) Switch to VC 10 (no getty normally running on that one) > 3) Send the IOCTL to the kernel that disables VC switching > 4) Print "Locked - Password: ", turn off echo, and get a password > 5) If the PW matched either root's or the person from step #1, re-enable > VC switching and switch back to the VC from step #1, else scan > /etc/passwd for a matching one -- if it found one, keep VC switching > off, but give a one-time login prompt on VC 10. All this sounds oh so familiar... I think that `screen' does something similar, but does not disable ALL the virtual consoles. It just makes access to a certain virtual console controlled by the one that run screen over there. A simple `C-a x' and off you're gone. Of course, if VC switching is not disabled there's always X11 on that Alt-F7 console, bliax. -- Giorgos Keramidas, <keramida@ceid.upatras.gr> "What we have to learn to do, we learn by doing." [Aristotle] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86puybhepp.fsf>