Dev Mazumdar wrote: > Riny Qian wrote: >> Shawn Walker wrote: >>> On 22/06/07, Dev Mazumdar <dev at opensound.com> wrote: >>>> > It's for secure switch. The password is needed to >>>> > re-enter any owned session. >>>> > >>>> > You can disable this functionality by: >>>> > >>>> > # svccfg -s vtdaemon setprop options/secure=false >>>> > # svcadm refresh vtdaemon >>>> > # svcadm restart vtdaemon >>>> > >>>> > >>>> > Riny >>>> >>>> Hi, >>>> >>>> I guess this is what I was asking about. SHouldn't the default >>>> behavior be like Linux/FreeBSD or UnixWare where you don't have to >>>> keep re-entering the password when you switch virtual consoles that >>>> you've already logged in? >>>> >>> >>> I suppose it depends on what your perspective is. Is secure by default >>> or convenience more important? If you're an OpenBSD fan, the former, >>> if not, the latter perhaps ;) >> >> Yes, it should be Secure By Default on Solaris. >> > > But OpenBSD's concept of security is about as useful as Windows 95 > unplugged from the Internet and a piece of tape stuck on the floppy > drive. OpenBSD turns off all services, what good is that? > > Are you telling me that somehow every time I switch mouse focus to an > xterm I should be asked to enter a password? Becuase I can see that > being a security issue just as much as a security issue virtual consoles > is.
No. They're obviously different. Even for xterm in a X session, users still need to pay attention to the security issue if they su'ed to another user in a xterm, and e.g. they can exit this su once they're done. Regards, Riny
