[kmscon-devel] /bin/login always runs on /dev/pts/X

[Cristian Rodríguez]

El 27/05/14 07:44, David Herrmann escribió:

> Note that /etc/securetty and pam_securetty is crap (in my opinion).

I am also looking forward to get rid of this horrible hack..

> It's a totally useless way to prevent root-logins. You should protect
> root-logins with a proper authentication-scheme, instead of relying on
> filters like /etc/securetty (which, btw, don't protect against "sudo"
> and "su"..). 

Also, TTY access is not enforced by the kernel but by an userspace
component.. this is the fatal flaw of this relic.





-- 
Cristian
"I don't know the key to success, but the key to failure is trying to
please everybody."