Date: Tue, 29 May 2001 16:53:38 +1000
From: Peter Jeremy <peter.jeremy@alcatel.com.au>
To: Mark Murray <mark@grondar.za>
Cc: arch@FreeBSD.ORG
Subject: Re: PAM, S/Key and authentication schemes.
Message-ID: <20010529165338.I89950@gsmx07.alcatel.com.au>
In-Reply-To: <200105290602.f4T62A654885@gratis.grondar.za>; from mark@grondar.za on Tue, May 29, 2001 at 08:04:27AM +0200
References: <20010528174728.A39588@xor.obsecurity.org> <kris@obsecurity.org> <200105290602.f4T62A654885@gratis.grondar.za>
On 2001-May-29 08:04:27 +0200, Mark Murray <mark@grondar.za> wrote:
>> > The only danger area I can see is the need to check root password to
>> > get to single-user if the console is not secure.  This needs to work
>> > even if (and especially when) the system is hosed.  I wouldn't like to
>> > see init become dependent on the dynamic loader and various PAM
>> > libraries in this case.
>>
>> We also compile all of the PAM modules included in the base system
>> into a static libpam which allows statically-linked binaries to work,
>> up to a point (they won't work if the system administrator tries to
>> use a third-party PAM module)
>
>I'll stay out of the static stuff as long as I can for exactly this
>reason. Init(8) will be especially left alone. :-)

Which means that somewhere there needs to be a note that if your console
is marked 'insecure' then /etc/master.passwd must contain a root password
that crypt(3) can understand (irrespective of how e.g. login(1) might
authenticate a root login attempt).  Otherwise, someone is sure to get
bitten.  The init(8) man page is one possibility, but I'm not sure it's
the obvious place to look when you discover you're locked out of
single-user mode.

Peter

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
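A script that checks for the lockout condition Peter describes (console flagged insecure while root's password field is not something crypt(3) can verify), added here as an example; it is not from the thread or from FreeBSD's own code, assumes the ttys(5) and master.passwd(5) file layouts, and writes its own constructed sample files rather than touching the real ones:

```shell
#!/bin/sh
# Added example (not from the thread): when /etc/ttys marks the console
# "insecure", init(8) checks the root password with crypt(3) directly, so
# the root entry in master.passwd must hold a crypt(3)-style hash no
# matter how PAM is configured for login(1).
# Usage: single_user_check /path/to/ttys /path/to/master.passwd

# Exit 0 when the console line carries the "insecure" flag.
# ttys(5) layout: name getty type status [flags...]; '#' comments never match.
console_insecure() {
    awk '$1 == "console" { for (i = 4; i <= NF; i++) if ($i == "insecure") found = 1 }
         END { exit found ? 0 : 1 }' "$1"
}

# Exit 0 when root's password field is one crypt(3) can verify: a 13-char
# traditional DES hash or a modular "$id$salt$hash" string. "*", "!", "x"
# and an empty field are not verifiable hashes.
root_hash_usable() {
    awk -F: '$1 == "root" { pw = $2; seen = 1 }
        END {
            if (!seen) exit 1
            if (pw ~ /^\$[^$]+\$.+$/) exit 0                           # modular (md5/blowfish/sha)
            if (length(pw) == 13 && pw ~ /^[.\/0-9A-Za-z]+$/) exit 0   # traditional DES
            exit 1
        }' "$1"
}

# Print a verdict; exit 0 when single-user entry will work, 1 when at risk.
single_user_check() {
    if ! console_insecure "$1"; then
        echo "console is secure: init(8) will not ask for a password"; return 0
    fi
    if root_hash_usable "$2"; then
        echo "console insecure, root hash is crypt(3)-verifiable: ok"; return 0
    fi
    echo "LOCKOUT RISK: console insecure but root password field is not a crypt(3) hash"
    return 1
}

# Constructed sample files (hashes are placeholders, not real credentials).
SAMPLE=$(mktemp -d)
printf '# name getty type status\nconsole none unknown off insecure\n' > "$SAMPLE/ttys.insecure"
printf 'console none unknown off secure\n' > "$SAMPLE/ttys.secure"
printf 'root:$1$saltsalt$FakeHashForDemo0000000:0:0::0:0:Charlie &:/root:/bin/sh\n' > "$SAMPLE/mp.md5"
printf 'root:abJnggxhB/yWI:0:0::0:0:Charlie &:/root:/bin/sh\n' > "$SAMPLE/mp.des"
printf 'root:*:0:0::0:0:Charlie &:/root:/bin/sh\n' > "$SAMPLE/mp.star"

single_user_check "$SAMPLE/ttys.insecure" "$SAMPLE/mp.md5"           # ok
single_user_check "$SAMPLE/ttys.insecure" "$SAMPLE/mp.star" || true  # LOCKOUT RISK
```

Run it against the live /etc/ttys and /etc/master.passwd (as root) before switching the console to insecure or moving root authentication to a non-crypt(3) scheme.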