[Pkg-shadow-devel] Bug#768020: Bug#768020: Missing /dev/ttySC* entries in /etc/securetty

Mike Frysinger vapier at gentoo.org
Tue Nov 4 17:31:57 UTC 2014

On 04 Nov 2014 10:04, Geert Uytterhoeven wrote:
> Package: login
> Version: 1:4.2-2+b1
> /etc/securetty contains the following /dev/ttySC* entries:
> | # SCI serial port (SuperH) ports and SC26xx serial ports
> | ttySC0
> | ttySC1
> | ttySC2
> | ttySC3
> Some Renesas ARM-based SH-Mobile development boards have the
> serial console on ttySC4 or ttySC6, or a secondary console on ttySC7.
> At least one SH-based board has its serial console on ttySC5.
> Can you please add entries ttySC[4-9]?

there's a lot of boards with a lot of different serial devices.  i'm not sure 
every possibility should be hardcoded ?  every distro is duplicating this work 
too and maintaining their own random full list.  can't we do better here ?

perhaps the default should be to not have an /etc/securetty at all ?  if the 
system is configured to launch getty on a tty, then in today's world, it means 
it's a local device right ?  if you have physical access to something, and know 
the root password, what exactly is this protecting the system from ?

no one uses telnet anymore.  if you are, then you deserve to have your system 
owned :).  are there any other services that go through `login` ?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20141104/2f31d89c/attachment.sig>

More information about the Pkg-shadow-devel mailing list