Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!cornell!uw-beaver!rice!sun-spots-request
From: lkw@csun.edu (Larry Wake)
Newsgroups: comp.sys.sun
Subject: Putting "login root" in /.profile: a bad idea
Message-ID: <8812122035.AA23342@csun.edu>
Date: 20 Dec 88 10:27:52 GMT
Sender: usenet@rice.edu
Organization: Sun-Spots
Lines: 18
Approved: Sun-Spots@rice.edu
Original-Date: Mon, 12 Dec 88 12:35:42 -0800
X-Sun-Spots-Digest: Volume 7, Issue 64, message 7 of 12

Putting "login root" in your /.profile file is definitely a Bad Thing.
The problem: login will time out after 60 seconds, and your system will
come up multiuser.  Why is this bad?  Scenario: two in the morning, a
momentary power failure causes your system to crash hard.  One of your
filesystems goes sour enough that fsck gives up; system goes single user.
Your /.profile runs login, but no one's around to log in.  A minute later,
your system comes up multiuser -- with a dirty filesystem, and no record
anywhere that this is what happened, as the fsck error message will
probably have scrolled off your console by the time you get there...

After this happened to us, I cobbled together a program called 'lockpass'
that just prompts for the root password forever, and execs a shell once it
gets it.  I believe someone posted a similar program to Sun-Spots a few
months ago.

Larry Wake
CSU Northridge Computer Center
lkw@csun.edu