Dev Mazumdar wrote:
> Riny Qian wrote:
>> Shawn Walker wrote:
>>> On 22/06/07, Dev Mazumdar <dev at opensound.com> wrote:
>>>> > It's for secure switch. The password is needed to
>>>> > re-enter any owned session.
>>>> >
>>>> > You can disable this functionality by:
>>>> >
>>>> > # svccfg -s vtdaemon setprop options/secure=false
>>>> > # svcadm refresh vtdaemon
>>>> > # svcadm restart vtdaemon
>>>> >
>>>> >
>>>> > Riny
>>>>
>>>> Hi,
>>>>
>>>> I guess this is what I was asking about. SHouldn't the default 
>>>> behavior be like Linux/FreeBSD or UnixWare where you don't have to 
>>>> keep re-entering the password when you switch virtual consoles that 
>>>> you've already logged in?
>>>>
>>>
>>> I suppose it depends on what your perspective is. Is secure by default
>>> or convenience more important? If you're an OpenBSD fan, the former,
>>> if not, the latter perhaps ;)
>>
>> Yes, it should be Secure By Default on Solaris.
>>
> 
> But OpenBSD's concept of security is about as useful as Windows 95 
> unplugged from the Internet and a piece of tape stuck on the floppy 
> drive. OpenBSD turns off all services, what good is that?
> 
> Are you telling me that somehow every time I switch mouse focus to an 
> xterm I should be asked to enter a password? Becuase I can see that 
> being a security issue just as much as a security issue virtual consoles 
> is.

No. They're obviously different.

Even for xterm in a X session, users still need to pay attention to the
security issue if they su'ed to another user in a xterm, and e.g. they
can exit this su once they're done.

Regards,
Riny

Reply via email to