Subject: Re: NetBSD master CVS tree commits
To: der Mouse <mouse@rodents.montreal.qc.ca>
From: Simon Burge <simonb@telstra.com.au>
List: tech-security
Date: 02/25/1997 10:30:16
On Mon, 24 Feb 1997 07:45:29 -0500 (EST)  der Mouse wrote:

> The only way I can see to have any significant degree of security with
> an empty root password field is to have no ttys marked secure and
> nothing else that accepts username/password running (eg, xdm), and then
> everyone able to "su root" must be very careful to never log in on a
> sniffable channel with a reusable password, never log in on a
> hijackable channel without encryption, etc.
> 
> How many systems really have their consoles insecure but their hardware
> (boxes with cpus inside, disk drives, etc) secure?  Anyone with access
> to the latter _can't_ be kept out.  I can't remember last time I saw a
> machine whose console was that physically isolated from its cpu and
> disk.

The firewall I log in through to work almost fits this bill.  It's an
old 386 with no floppy drive, and all user access is authenticated with
token cards (similar to SecurID).  The only reason I have a console
is because it's useful when I actually see the box every couple of
months...

Simon.