On 26 May 2023, at 21:28, bob prohaska wrote:
> It turns out all seven hosts in my cluster report
> a null password for root in /usr/src/etc/master.passwd:
> root::0:0::0:0:Charlie &:/root:/bin/sh
>
> Is that intentional?
Well, it has been that way in FreeBSD since 1993, and in BSD since
1980 (4.0BSD). I guess you would say that it is intentional. The
alternative would be to have a well-known password like root, but
then it wouldn’t be as obvious that a local password had not been
set.
Mike
> Thanks for reading,
>
> bob prohaska
