From owner-freebsd-hackers  Fri Dec 27 11: 2:32 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A3E5337B401
	for <freebsd-hackers@freebsd.org>; Fri, 27 Dec 2002 11:02:31 -0800 (PST)
Received: from prioris.mini.pw.edu.pl (prioris.mini.pw.edu.pl [194.29.178.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 216EB43EC2
	for <freebsd-hackers@freebsd.org>; Fri, 27 Dec 2002 11:02:31 -0800 (PST)
	(envelope-from P.Dawidek@prioris.mini.pw.edu.pl)
Received: from localhost (localhost.mini.pw.edu.pl [127.0.0.1])
	by prioris.mini.pw.edu.pl (Postfix) with ESMTP id 2BD6B7D2F7
	for <freebsd-hackers@freebsd.org>; Fri, 27 Dec 2002 20:02:29 +0100 (CET)
Received: by prioris.mini.pw.edu.pl (Postfix, from userid 1091)
	id C6F697D2F6; Fri, 27 Dec 2002 20:02:24 +0100 (CET)
Date: Fri, 27 Dec 2002 20:02:24 +0100
From: Pawel Jakub Dawidek <nick@garage.freebsd.pl>
To: freebsd-hackers@freebsd.org
Subject: Login directly as root.
Message-ID: <20021227190224.GA29966@prioris.mini.pw.edu.pl>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
User-Agent: Mutt/1.4i
X-PGP-Key-URL: http://garage.freebsd.pl/jules.pgp
X-OS: FreeBSD 4.7-STABLE i386
X-Virus-Scanned: by AMaViS (prioris)
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Hello hackers...

I'm wondering why there is "insecure" options in /etc/ttys for virtual
consoles.
As we all know, "insecure" for ttyvX means that we can't directly log in
as root, but "insecure" for console field in /etc/ttys means only that
we will be asked  for root's password in single mode.
Hmm, if I got psyhical access to machine and ttyvX are in "insecure" mode
and I know root's password I can just reboot machine and log in as root.
So if "insecure" mode is a security feature, shouldn't this be in that
way (in single mode):

Login: <wheel group member>
Password: <wheel group member's password>
Root's password: <root's password>

?

-- 
Pawel Jakub Dawidek
UNIX Systems Administrator
http://garage.freebsd.pl
Am I Evil? Yes, I Am.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message