The omission of the "secure" flag is supposed to prevent root from
   logging in on that particular tty.  However, if root has an empty
   password, that check is effectively bypassed by the current code.

I just fixed this in the source tree, but I note from your patch:

		   if (pwd && (*pwd->pw_passwd == '\0' ||
   ! 		    fflag && (uid == 0 || uid == pwd->pw_uid))) {
   ! 			if (fflag) break; /* already authenticated */
   ! 			if (pwd && pwd->pw_uid == 0) { /* login as root */

This looks like a bug.  Effectively, anyone or anything could bypass
the checking by using `login -f'.


------------------------------------------------------------------------------