Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!husc6!cmcl2!rutgers!ucla-cs!zen!ucbvax!decvax!linus!raybed2!cvbnet!gdelong From: gdelong@cvbnet.UUCP (Gary Delong) Newsgroups: comp.unix.questions Subject: Re: Async terminal as console on a Sun Message-ID: <179@cvbnet.UUCP> Date: Thu, 3-Sep-87 17:03:39 EDT Article-I.D.: cvbnet.179 Posted: Thu Sep 3 17:03:39 1987 Date-Received: Sun, 6-Sep-87 08:05:28 EDT References: <2363@vdsvax.steinmetz.UUCP> <418@hubcap.UUCP> Organization: Computervision, Bedford MA Lines: 43 In article <418@hubcap.UUCP>, beede@hubcap.UUCP (Mike Beede) writes: -> in article <2363@vdsvax.steinmetz.UUCP>, barnett@vdsvax.steinmetz.UUCP (Bruce G Barnett) says: -> -> -> -> In article <4341@elroy.Jpl.Nasa.Gov> david@elroy.Jpl.Nasa.Gov (David Robinson) writes: -> -> |This brings up a problem that exists with Suns that I have. The Suns -> -> |are inherently insecure because anyone using a 3/50 can just -> -> |power off the machine and reboot it in single user mode and become -> -> |root. -> -> -> -> The solution we use here is to add -> -> -> -> login root -> -> -> -> to /.profile -> -> -> -> Voila! -> -> -> -> Any other ideas/suggestions? -> -> I tried this with the result everyone seems to predict (at least -> here): you get in an infinite login duel with the workstation. When -> sh starts up, it executes /.profile, which starts a login, etc. -> -> If you put ``login root'' in /etc/rc.boot, the results are even -> worse. -> -> Unless there is a trick, adding ``login root'' to /.profile is not -> effective, and writing an access checker is the way to go. -> -> Needless to say (but I will . . .) I'd like to hear about said trick. On our sun 3/160s, I have "login root" as the first line in /.profile and it works like a champ. BTW: You might want to make sure your /etc/passwd entry for root uses /bin/csh as the startup shell. -- _____ / \ / All spelling errors | Gary A. Delong, N1BIP | \ / intentional for testing | linus!raybed2!cvbnet!gdelong \____\/ rn spellcorrector v1.02A. | (617) 275-1800 x5232