Subject: CVS commit: src
To: None <firstname.lastname@example.org>
From: Thor Lancelot Simon <email@example.com>
Date: 11/13/1998 23:17:58
Module Name: src
Committed By: tls
Date: Sat Nov 14 07:17:58 UTC 1998
When downgrading from 'highly secure' mode (securelevel >= 2) to 'insecure' mode (securelevel 0) and the root password is set, always require it before giving a shell on the console. Reasoning: if an attacker has access to the machine console, he doesn't necessarily have access to the hardware itself; on a 'highly secure' machine, we may as well make his life hard.