Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!zaphod.mps.ohio-state.edu!news
From: neruda@function.mps.ohio-state.edu (Steve Neruda)
Newsgroups: comp.sys.dec
Subject: Summary: preventing dec3100 single user booting (protecting root)
Message-ID: <1990Nov27.211621.1501@zaphod.mps.ohio-state.edu>
Date: 27 Nov 90 21:16:21 GMT
Sender: news@zaphod.mps.ohio-state.edu
Organization: Dept of Mathematics, The Ohio State University
Lines: 30
Nntp-Posting-Host: function.mps.ohio-state.edu

Thanks to everyone who responded to my question about preventing single user
  mode booting in order to protect root.  There were basically three solutions:

  1)  If you have source you could modifiy init to ask for a passwd
  	before going into single user mode.

  2) Dec will have new ROMs available (maybe already does).  Is due out Spring/
  	Summer 91 for the 2100, 3100, and 5000.

  3) Put some sort of passwd check in roots .profile file that will not allow
	itself to exit unless the root passwd (or a special passwd is typed in.
	The complexity for implementing this ranged from placing 

		exec echo "Ultrix rules!"  

	into roots .profile to C programs that are run from .profile.
	There were also several shell script implementations of this.

The solutions I liked best we C programs that were run from .profile since 
  they don't require alot of work, they can use the regular root passwd
  (though one even contained a second passwd if root was scrogged), they
  seemed pretty rugged (I couldn't get them to fail).  

Most of these solutions are pretty short so if people are interested I'll post
  a couple of them to an appropriate news group (comp.sources?).


				thanks again,

				steve neruda (neruda@geo2s.mps.ohio-state.edu