Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!cbosgd!ihnp4!ptsfa!ames!think!bloom-beacon!mit-eddie!rutgers!mcnc!ece-csc!ncrcae!hubcap!beede
From: beede@hubcap.UUCP
Newsgroups: comp.unix.questions
Subject: Re: Async terminal as console on a Sun
Message-ID: <418@hubcap.UUCP>
Date: Mon, 31-Aug-87 20:20:26 EDT
Article-I.D.: hubcap.418
Posted: Mon Aug 31 20:20:26 1987
Date-Received: Wed, 2-Sep-87 07:05:33 EDT
References: <2363@vdsvax.steinmetz.UUCP>
Organization: Clemson University, Clemson, SC
Lines: 34

in article <2363@vdsvax.steinmetz.UUCP>, barnett@vdsvax.steinmetz.UUCP (Bruce G Barnett) says:
-> 
-> In article <4341@elroy.Jpl.Nasa.Gov> david@elroy.Jpl.Nasa.Gov (David Robinson) writes:
-> |This brings up a problem that exists with Suns that I have.  The Suns
-> |are inherently insecure because anyone using a 3/50 can just
-> |power off the machine and reboot it in single user mode and become
-> |root.
-> 
-> The solution we use here is to add
-> 
-> 	login root
-> 
-> to  /.profile
-> 
-> Voila!
-> 
-> Any other ideas/suggestions?

I tried this with the result everyone seems to predict (at least
here): you get in an infinite login duel with the workstation.  When
sh starts up, it executes /.profile, which starts a login, etc.

If you put ``login root'' in /etc/rc.boot, the results are even
worse.

Unless there is a trick, adding ``login root'' to /.profile is not
effective, and writing an access checker is the way to go.

Needless to say (but I will . . .) I'd like to hear about said trick.
-- 
Mike Beede                      
Computer Science Dept.          UUCP: . . . !hubcap!beede
Clemson University              INET: beede@hubcap.clemson.edu
Clemson SC 29634-1906           YOUR DIME: (803)656-{2845,3444}