Date: Thu, 11 Mar 2004 23:40:16 -0800 (PST) From: Sergey Akifyev <asa@gascom.ru> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/64143: Security issue : fstab item missing causes automatic login as root without password when machine restarted. Message-ID: <200403120740.i2C7eGC2015567@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/64143; it has been noted by GNATS. From: Sergey Akifyev <asa@gascom.ru> To: Gerd Wachs <gerd.wachs@telia.com> Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: misc/64143: Security issue : fstab item missing causes automatic login as root without password when machine restarted. Date: Fri, 12 Mar 2004 10:30:38 +0300 --=-5zBcF27GX3rrWtorDLMA Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Fri, 2004-03-12 at 10:05, Gerd Wachs wrote: [...ripped by viruses...] > An error stating invalid device in the fstab. > You are asked for your shell with a default [bash\sh] for the root user. > You press enter, and you are into the system with root privileges > without having typed a password. This is not a security issue. This is what you system is configured to do. If you type: # cat /etc/ttys |grep ^console it should say: console none unknown off secure The 'secure' keyword here means, that single user mode can be entered without password. If you change this to 'insecure', FreeBSD will ask you root password before logging you into single user mode. This is documented in default /etc/ttys. IMHO, this PR can be closed. --=20 regards, Sergey Akifyev <asa@gascom.ru> JSC Gascom <http://www.gascom.ru> PGP key available from: ftp://ftp.gascom.ru/pub/PGP-keys/asa.txt --=-5zBcF27GX3rrWtorDLMA Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBAUWcdbu06QwmNwNsRAg1wAKCQRferM1JPI6xpz3T3MlHNHtfcZwCfeUIW /brU2HpXp4exqSFZdGB8JXw= =A2uk -----END PGP SIGNATURE----- --=-5zBcF27GX3rrWtorDLMA--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200403120740.i2C7eGC2015567>