Booting SunOS 4.0 singlu user (was Re: NFS security)

Bruce G. Barnett barnett at vdsvax.steinmetz.ge.com
Fri Sep 9 20:57:59 AEST 1988


In article <12397 at duke.cs.duke.edu> ndd at romeo.UUCP (Ned D. Danieley) writes:
|If I understand what you've described, the only way to protect a
|[SunOS 4.0] workstation from someone booting it single user is to deny root
|the ability to log in on that workstation. Doesn't sound very elegant
|to me.

The "secure" flag means the console is in a secure (i.e. private)
location.

When the flag is missing, (i.e. anyone has access to the console)
the password is needed to boot up single user mode.
Also, root cannot log in on that terminal.

Instead, you have to log in as a user and do a 'su'. You can restrict
the people allows to su to root by an entry in /etc/group.

You can still rlogin as root, if the /.rhosts lets you.

The solution seems "elegant" and consistant to me. I don't find it to
me a problem. I can quickly log in as root from MY workstation.
-- 
	Bruce G. Barnett 	<barnett at ge-crd.ARPA> <barnett at steinmetz.UUCP>
				uunet!steinmetz!barnett



More information about the Comp.unix.wizards mailing list