Bugtraq mailing list archives

Re: Solaris non-root login (was: IRIX 6.2 pass...)


From: R.J.Yates () OPEN AC UK (Richard Yates SPG)
Date: Tue, 29 Sep 1998 15:13:32 +0100


Eugene Bradley writes:
> On 28 Sep 98, @ 16:14, D.A. Harris <rodmur () ECST CSUCHICO EDU> wrote:
> > Actually, something that I think is a bug in IRIX, something that hasn't
> > been fixed in 6.5, is the behavior of login when you specify that root can
> > only login into /dev/console (this can be set in /etc/default/login).
> > Instead of immediately denying someone access when they try to telnet or
> > rlogin as root to a box, it lets you still attempt the password, and only
> > denies you access when you get the password correct. [ ... ]
>
> This login bug also exists on every version of Solaris that I've
> worked with, from 2.3 all the way to 2.6 HW 5/98
> <rant>
> [ ... ]
> </rant>

Solaris 2.3:   passwd/wrongpw => chucked off, no msg/Not on system console.
Solaris 2.4:                  => login incorrect/login incorrect.
Solaris 2.5.1:                => Not on system console/Not on system console.
Solaris 2.6:1:                => Not on system console/Not on system console.

Various patches all over the place, so you should be able to
get some to suit you. The behaviour seems to be consistently
inconsistently consistent. However, the system takes longer
to chuck you off if you stick in the wrong passwd. I wonder
why? (No, I don't, this is a rhetorical question!).

Richard.
--
The Open University is not responsible for content herein, which may
be incorrect and is used at reader's own risk.
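
An added example, not part of the original post and not taken from any vendor's login source: a simplified C model of the check ordering discussed in this thread, showing why testing the password before the console restriction lets a remote client tell a correct root password from a wrong one, next to an ordering that gives one reply and one delay. The struct, the function names and the `FAIL_DELAY` value are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* What a remote client can observe from one login attempt. */
struct outcome {
    const char *msg;  /* text sent back before the session ends */
    int delay_s;      /* seconds before the connection is closed */
    int granted;      /* 1 if a shell is started */
};

#define FAIL_DELAY 4  /* constructed value for the failed-login sleep */

/* Ordering described in the thread: password checked first, console
 * restriction applied only after the password turned out to be right. */
struct outcome login_password_first(int is_root, int on_console, int pw_ok)
{
    if (!pw_ok)
        return (struct outcome){ "Login incorrect", FAIL_DELAY, 0 };
    if (is_root && !on_console)
        return (struct outcome){ "Not on system console", 0, 0 };
    return (struct outcome){ "", 0, 1 };
}

/* Hardened ordering: the console restriction is decided without regard
 * to the password result, and every refusal looks the same. */
struct outcome login_console_first(int is_root, int on_console, int pw_ok)
{
    if ((is_root && !on_console) || !pw_ok)
        return (struct outcome){ "Login incorrect", FAIL_DELAY, 0 };
    return (struct outcome){ "", 0, 1 };
}

/* Returns 1 if root-over-network replies differ between a right and a
 * wrong password, i.e. the refusal itself confirms the password. */
int leaks_password_validity(struct outcome (*login)(int, int, int))
{
    struct outcome good = login(1, 0, 1);
    struct outcome bad  = login(1, 0, 0);
    return strcmp(good.msg, bad.msg) != 0 || good.delay_s != bad.delay_s;
}

int main(void)
{
    printf("password first: leak=%d\n",
           leaks_password_validity(login_password_first));
    printf("console first:  leak=%d\n",
           leaks_password_validity(login_console_first));
    return 0;
}
```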


