[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: off-topic: is a login, login?

On Mon, Apr 12, 1999 at 06:55:53PM -0400, Jonathan P Tomer wrote:
> alternatively, log in with the right password; only a setuid fake could
> really log you in as you, so if you aren't logged in you know that you need
> to log in from some secure place and change your password immediately (not
> to mention find out what user was on that tty at that time, and have him
> arrested).

This is not as easy as it sounds. After all you may have mistyped the
password. Some people like me pretty often do that.

> if by contrast you were talking about local logins to the console, there's
> one easy way: reboot the machine, then nobody has a chance to put in a
> trojan horse (except root, and again, if root wants to spy on you, there's
> just about zip you can do, except switch to another machine).

That's exactly the safest method. :-)

Michael
-- 
Michael Meskes                         | Go SF 49ers!
Th.-Heuss-Str. 61, D-41812 Erkelenz    | Go Rhein Fire!
Tel.: (+49) 2431/72651                 | Use Debian GNU/Linux!
Email: Michael.Meskes@gmx.net          | Use PostgreSQL!
Reply to: