Shawn Walker wrote:
> On 22/06/07, Dev Mazumdar <dev at opensound.com> wrote:
>> > It's for secure switch. The password is needed to
>> > re-enter any owned session.
>> > You can disable this functionality by:
>> > # svccfg -s vtdaemon setprop options/secure=false
>> > # svcadm refresh vtdaemon
>> > # svcadm restart vtdaemon
>> > Riny
>> I guess this is what I was asking about. SHouldn't the default
>> behavior be like Linux/FreeBSD or UnixWare where you don't have to
>> keep re-entering the password when you switch virtual consoles that
>> you've already logged in?
> I suppose it depends on what your perspective is. Is secure by default
> or convenience more important? If you're an OpenBSD fan, the former,
> if not, the latter perhaps ;)
Yes, it should be Secure By Default on Solaris.
> However, maybe there is a happy medium that can be reached.
> Instead of a flat out password required on switch, by password
> required on switch after X seconds of inactivity could be done?
Yes, I think it could be done, but not secure. Would the extra
complexity bring us much value? Users may need to remember how
many seconds left for an inactive session? For simplicity, users
can just directly disable the secure switch.