Subject: Re: control-alt-delete?
To: None <port-i386@netbsd.org>
From: Szilveszter Adam <sziszi@petra.hos.u-szeged.hu>
List: port-i386
Date: 01/05/2001 19:54:40
Hello everybody,

Although the general feeling here does not seem to be very welcoming
towards ctrl-alt-delete, let me add my thoughts...

For a background, I am at present at a FreeBSD 5.0 i386 machine, but I am
very interested in NetBSD as well.

On Fri, Jan 05, 2001 at 01:21:39PM -0500, Nathan J. Williams wrote:
> > >> Is there a reason that several of my current NetBSD systems seem to think
> > >> that control-alt-delete is just a weird key sequence?
> > >
> > >Well, that's what it is.

It is not that simple, IMHO. Although you can argue that it is not a
hardware feature and only a DOS convention, on i386 just about every OS
I have heard about respects it, and rightly so, since not doing so is a
major deviation from what people have gotten used to. (Even NT does,
although the login sequence can be initiated that way, too... a bit
confusing, but it is the sparse exception.)

> Well, you need to define: 
> 
> 1) what you think it ought to do, exactly (hook into userland to run
>    a program, such as "shutdown -r now"? make the kernel run
>    sys_sync()? something else?)
 
This is a better question. IMHO, on Linux it is just a shorthand for
shutdown -r now, do not know for sure about FreeBSD, because I am not using
it (see below) but it appears to do something similar. And yes, there are
times, when it is useful. Why do you guys think that every UNIX machine has
network connectivity and/or a serial console? Come on, this is "just" a PC.
I just want to use it like anybody else. But better:-) I have even seen
times when keys would no longer echo, but the sequence would be still
caught and a shutdown initiated. IMHO, every occasion must be seized to
shut down cleanly, since file-system corruption is an unwelcome risk. (And
again, not many PCs have a real backup tape drive attached.)

> 2) who it would be useful to, and when (systems that are *really*
>    wedged? Or just ones with a wedged console that don't have
>    convenient remote login capability?)
 
Think about a laptop... there is not even a reset switch there... again,
every opportunity must be tried before e.g. taking out the battery... it may
not always succeed, but at least you have tried.

> 3) what mechanism would control whether it is enabled (since it's
>    clear that even if such an option were available, it would not be
>    appropriate for all sites).
 
On FreeBSD we have a kernel option to disallow it on sites where it is not
desired. So it is not tied to anybody being logged in, you cannot use it,
period. If this is what you want, you get it. I have been using this option
for a longer amount of time and I am pleased with it. 
 
> > Console abort is *useful*.  It should be available by default, IMHO.
> 
> Making it available by default would constitute a large deviation from
> the behavior of prior versions of NetBSD. It's a deviation that I
> suspect anyone other than single-owner single-user desktop machines
> would find at least unwelcome, and at most a serious security problem.

Well, somebody suggested breaking to the DDB instead... IMHO, leaving DDB
in for a sensitive site is a much more important security risk than
enabling the three-finger-salute. This way you can at most shut down and
restart the machine, while in DDB you can do a lot more interesting stuff,
too... Also, if you already have console (and physical) access, the DoS
potential is usually very high already. Think taking away the power cable,
for example... 

I have every respect for those using non-i386 hardware, but since it is
about all I am ever likely to be able to afford, I felt I have to chime
in... sorry if this was inappropriate.
 
-- 
Regards:

Szilveszter ADAM
Szeged University
Szeged Hungary