On Tue, 1 Feb 2005, Bennie Hicks wrote: > If PROP is used, don't you have to have a console session in > /etc/inittab such as "1:2345:respawn:/bin/bash" ? Are there > alternatives to the root shell? ...
Yes, if PROP is used (we don't use PROP for this, but the SCIF reqs are basically the same) then you either need to perform a sign-on operation to Linux or you need a "root shell". Yes, there are alternatives to the root shell, and the default is a "login:" prompt via 'getty' or a variant. Given the position of Linux as a guest, the security issue is not a problem (up to a certain point of audit, the determination of which I'll leave OFF LIST and OUT of this thread). The Linux guest is "exposed" at its virtual console, if someone were to access that. That is balanced against VM protecting the v-console through the usual VM security methods (which may vary per site). The point is: Once you've done a VM sign on, why then also do a Linux sign on? If doing both provides meaningful security, then do so. But if not, then throw a root shell on the console and stop worrying about it. Either way, once a shell is running, CP SEND (via DIAG for mixed case) lets you issue commands. Nice! -- R; ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
