There is a security risk currently on the system with regard to the PROM.  Anyone can perform the following actions to gain superuser access:

1. stop-a
2. boot cdrom -s
3. mount the hard drive's boot partition
4. edit the hard drive's /etc/shadow file and remove the root password
5. reboot and log in as root

While this method is good because it will allow you to recover your root password (and fix system files), it also allows hackers to gain access to your system.

One method of making this more difficult is to provide a password at the PROM level. If you set this password, anyone who performs a "stop-a" will need to know the password in order to boot the system from the cdrom.

To set this password, perform the following commands: