On 5/6/06, Eric Furman <[EMAIL PROTECTED]> wrote:
--- Peter Fraser <[EMAIL PROTECTED]> wrote:
> I was very surprised, that when I was installing
> a 3.9 system, that you can use an empty root
> password
>
> I accidentally entered a 'return' when it asked for
> the
> root password, so I entered a 'return" again when
> I was asked to repeat the password, thinking that
> a empty password would be denied, and I would be
> asked
> again.
This is a feature, not a bug.
And I'm not being sarcastic. :-)
What if you have a test machine not connected
to any network and is physically secure
and you need to log on as root alot. It would
be nice to not have to enter any password if
you didn't want to. This is normal UNIX
behaviour. The OpenBSD people aren't going
to 'force' you to do everything securely.
They just give you the means and tools
to be so. It's up to you to use them correctly.
(Not that the scenario above is a 'good' idea.
It's just that I 'should' be able to do it
if I so choose)
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
I remember what a pain it was on a Microsoft SBS2003 with advanced
password protection activated that I had to have a minimum amount of
password and numeric alpha mandatory on Administrator account. I
actually set up the root for a newbie without a password so he can
play with OpenBSD for the first time. This does not have a network
card and just for a newbie to play with.
rogern
John 3:16
