Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1+some 2/3/84; site dual.UUCP
Path: utzoo!watmath!clyde!burl!mgnetp!ihnp4!dual!mats
From: mats@dual.UUCP (Mats Wichmann)
Newsgroups: net.unix-wizards
Subject: Re: RE: Why does the S5 init run "/bin/su" in single-user mode
Message-ID: <621@dual.UUCP>
Date: Tue, 26-Jun-84 11:09:45 EDT
Article-I.D.: dual.621
Posted: Tue Jun 26 11:09:45 1984
Date-Received: Thu, 28-Jun-84 03:16:55 EDT
References: <265@rna.UUCP>
Organization: Dual Systems, Berkeley, CA
Lines: 21

> 	One reason I might do such a thing is to prevent passers-by from
> booting the system and getting a root shell. 

But...., but....???

When rebooting, the system runs as superuser, so the `su' to `root' will
always succeed - without asking for a password - so you get a superuser
shell anyway. How does this make things any more secure?

Incidentally, speaking of the S5 init, how many of you out there were
aware of a neato init state executed BEFORE anything else is brought
up, activated by the tag `sysinit' in your inittab? This one is
real handy if there are commands that MUST be done before you even get
a single-user shell - perhaps initializing some sort of user device or
checking the root file system. I found this in the code while trying to
solve a problem for someone here; turns out it exactly solved the problem -
but I have not seen it documented anywhere (!surprise!).

	    Mats Wichmann
	    Dual Systems Corp.
	    ...{ucbvax,amd70,ihnp4,cbosgd,decwrl,fortune}!dual!mats