Subject: Re: NetBSD master CVS tree commits
To: None <current-users@NetBSD.ORG>
From: matthew green <>
List: current-users
Date: 02/22/1997 19:18:39
thorpej made cvs say:
   Modified Files:
   Log Message:
   If root has no password, don't lock the operator out of single-user
   mode if the console is "insecure".

i'm not sure i like this, from a `security' point of view.  if i have
marked the console as insecure, then by hell i want netbsd to do it's
best to keep the bad guys out!  and that includes *me* until i
authenticate myself.  security systems should *always* fail closed
(though, it's somewhat of a stretch to consider this to be failure :-).

IMO, `insecure console' and `no root password' situations are generally
going to be caused by pilot error, and `reducing' the security of the
system to work around this is a bad idea.