Date: Fri, 27 Dec 2002 13:43:11 -0600 (CST) From: William Michael Grim <wgrim@siue.edu> To: Pawel Jakub Dawidek <nick@garage.freebsd.pl> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Login directly as root. Message-ID: <Pine.SO4.4.05.10212271341200.23288-100000@cougar.isg.siue.edu> In-Reply-To: <20021227190224.GA29966@prioris.mini.pw.edu.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
If I had to take a guess, the reason normal user logins are disabled during "insecure" on single mode is because of the way authentication may be getting handled, among other things. First off, it's single-user mode, meant for only the root user; no one else has a need for the system at that point. Second, what if you're reading your usernames off of NIS and don't have anyone but root on your system? Then you'd get kind of screwed in single-user; your whole system would break. Well, I hope this helps you out. William Michael Grim Student, Southern Illinois University at Edwardsville Unix System Administrator, SIUE, Computer Science dept. Phone: (217) 341-6552 Email: wgrim@siue.edu On Fri, 27 Dec 2002, Pawel Jakub Dawidek wrote: > Hello hackers... > > I'm wondering why there is "insecure" options in /etc/ttys for virtual > consoles. > As we all know, "insecure" for ttyvX means that we can't directly log in > as root, but "insecure" for console field in /etc/ttys means only that > we will be asked for root's password in single mode. > Hmm, if I got psyhical access to machine and ttyvX are in "insecure" mode > and I know root's password I can just reboot machine and log in as root. > So if "insecure" mode is a security feature, shouldn't this be in that > way (in single mode): > > Login: <wheel group member> > Password: <wheel group member's password> > Root's password: <root's password> > > ? > > -- > Pawel Jakub Dawidek > UNIX Systems Administrator > http://garage.freebsd.pl > Am I Evil? Yes, I Am. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SO4.4.05.10212271341200.23288-100000>