Booting SunOS 4.0 singlu user (was Re: NFS security)
John Robert LoVerso
loverso at encore.UUCP
Fri Sep 9 00:19:25 AEST 1988
In article <3168 at emory.uucp> arnold at emory.UUCP (Arnold D. Robbins) writes:
> This feature is straight-forward, and fairly elegant. The file /etc/ttytab
> is in the format of the 4.3BSD /etc/ttys:
>
> # name getty type status comments
> #
> console "/usr/etc/getty std.9600" sun on secure
>
> The 'secure' on the line for the console has the usual meaning of "root
> can log in on this terminal", and is also overloaded to mean "OK, you can
> come up with a single user root shell". If 'secure' is missing, or /etc/ttytab
> is not there, then the system prompts for the root password when booting
> single user.
>
> This could profitably be incorporated into future BSD releases.
I hope not. Sun has managed to corrupt "secure". It originally meant
"it's ok for root to login on this line WITH A PASSWORD in multi-user mode".
Now it additionally means "DON'T prompt for a password when coming up
single user". Without "secure" on the console, single-user mode will
prompt for a password.
I maintain that allowing a root login on a line in multi-user AT ALL
and allowing a single-user root shell without password are entirely
different things, and at best they ought to use a different flag than
"secure" in the ttys [ttytab] file.
John Robert LoVerso
Encore Computer Corp
encore!loverso, loverso at multimax.arpa, [soon: loverso at Encore.COM]
More information about the Comp.unix.wizards
mailing list