Anton Graham wrote:
> 3) Ok, boot into runlevel 3. muck around a bit restoring various config
> files (and X still doesn't work after restoring my XF86config), prepare to
> shutdown and am informed:
> Shutdown: No authorized users logged in.
> What?!? Check /etc/shutdown.allow and it contains all authorized
> users. Explicit: shutdown -a now allows the shutdown, but dumps into
> runlevel 1. Must type init 0 to shutdown the system.
I don't like this. If /etc/shutdown allow exists, a reboot should use
this file anyway (don't need to specify -a). Also, in the "custom"
security level, I was never asked if I want this behavior (please fix).
When it asks for the LILO boot password, is there any way to stop this
from displaying to stdout? This itself is a security hazard. Also, the
"Deny all connections" question is misleading. It denys all connects
though servers that uses inetd, but not other inetds or standalone
servers. I am using xinetd, which I see as so much better than inetd,
security-wise and configuration-wise, maybe consider xinetd for Mandrake
(at least in contrib)?
--
Sincerely,
David Walluck
<[EMAIL PROTECTED]>
