On Thursday, 09/28/2006 at 11:09 ZE2, Martin Schwidefsky <[EMAIL PROTECTED]> wrote: > I tried to use opcode 0x0e to do password suppression in the 3215 driver > but found out the hard way that it doesn't work. To suppress the output > on a 3215 device you need to have a pending 0x0e read. The read will sit > there until the user pressed the attention key. If in the meantime the > console has to print a new message, the read needs to be stopped, > followed by the write for the message and then the read needs to be > started again. Consider my surprise when I found that a halt-subchannel > on the 3215 device did not work .. it is not implemented in the 3215 > emulation.
Oh, yeah! Now I remember! I double-checked the 3215 CCWs in the old S/370 Model 135 book and opcode 0x0E is something CP made up explicitly to suppress the display of the password. There's no particular reason its use couldn't be decoupled from "prompt". But I also remember now that the halt-subchannel mechanisms used by Linux could create "windows" where the typed password could become visible or be ignored. I am, of course, in the camp that says don't prompt for the root password. In the vast majority of shops, whoever logs onto the virtual console and kill or corrupt Linux in any way they wish. And when you compare this against having the formerly-secret root password appear in a console log, the decision is simple (IMO). If I had a discrete server in a password protected room (one per room, please), would I bother with another password? What if a sign on the wall above the server said, "A visual record of everything you do will be made and stored where other people can get it."? Sometimes people don't apply the same protections to archived logs as they do to the servers those logs come from. If someone needs to logon to a Linux console it is because the network is broken and they need to run a repair script or they haven't Seen The Light .... Go into the Light......go...... :-) Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
