For mgetty users with non-trusted shell logins

Marc SCHAEFER (schaefer@alphanet.ch)
29 Jan 1999 1913:17:24 +0100


Frank D. Cringle <fdc@cliwe.ping.de> wrote:
> VAX-11/750 BSD-2.2 VT-52
> Please Login:
> *** Message from operator: system will be down from 8:00 thru 10:00

Yes, but if operator is root, he can write to the tty anyway, so
chmod 600 (I believe enforced by mgetty anyway on login) is enough.

Gert, another question: do you do a vhangup() or equivalent before
changing to 600?  No, you basically can't, except if vhangup() doesn't
kill the fd itself. If you can't, then it's another trojan possibility
for people allowed to dial out through group
(although this time it competes with mgetty for accessing the port).
Or do you open exclusively?