From mboxrd@z Thu Jan 1 00:00:00 1970 From: "David Jackson" Subject: Re: RH7.2: init 1 no password? Date: Tue, 21 May 2002 10:47:39 -0600 Sender: linux-admin-owner@vger.kernel.org Message-ID: <200205211047.AA57540898@wcox.com> Reply-To: Mime-Version: 1.0 Return-path: List-Id: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: linux-admin@vger.kernel.org, Scott Taylor Scott -- First -- I have a lot of respect for Glynn options, but I think the responses to this question ignores basic secruity concerns. And doesn't explain why Redhat goes against basic secruity practice? Second -- What that extra login does is force you stop, and think before taking an action. As the old saying goes," An ounce of prevention is worth a pound of cure". In a 24x7 datacenter with 300+ servers and it's me and 2 other admins, and it's 03:00AM on Sunday, and backup are crashing left and right, and it's the end of what's been a long week. That "Maintence Mode" message and prompt, could be enough to remind me that Glynn is dailing in from home and working on that box, or even worse keep me from waking Glynn up at 03:00 to tell him what he already knows. Finaly, my question comes from 4 years of Solaris experience support datacenter for clients including Sun Microsystems, in the US. David > >What Glynn says is true, you don't need access to init 1 or shutdown or >even root permissions to access any machine if you have access to the >consol. If your security and janitors have access to it, you better make >sure you can trust them. I don't know why anyone paying security $10.00 >would trust them with the key to the servers. > >- >To unsubscribe from this list: send the line "unsubscribe linux-admin" in >the body of a message to majordomo@vger.kernel.org >More majordomo info at http://vger.kernel.org/majordomo-info.html >