I think the change was sensible. It is very hard to back out of the
situation and if there is no root password there is no security anyway
when the system is functioning normally.

Perry

Jason Thorpe writes:
> On Sat, 22 Feb 1997 19:18:39 +1100 
>  matthew green <mrg@eterna.com.au> wrote:
> 
>  > i'm not sure i like this, from a `security' point of view.  if i have
>  > marked the console as insecure, then by hell i want netbsd to do it's
>  > best to keep the bad guys out!  and that includes *me* until i
>  > authenticate myself.  security systems should *always* fail closed
>  > (though, it's somewhat of a stretch to consider this to be failure :-).
>  > 
>  > IMO, `insecure console' and `no root password' situations are generally
>  > going to be caused by pilot error, and `reducing' the security of the
>  > system to work around this is a bad idea.
> 
> In a situation where there _was_ pilot error, I think there's an argument
> to be made for recoverability... 
> 
> Well, "you're the boss" with the security stuff... if you really strongly
> object to it, it can be backed out.
> 
> Jason R. Thorpe                                       thorpej@nas.nasa.gov
> NASA Ames Research Center                               Home: 408.866.1912
> NAS: M/S 258-6                                          Work: 415.604.0935
> Moffett Field, CA 94035                                Pager: 415.428.6939