[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shutdown from gnome logout dialog

On Mon, Sep 15, 2003 at 09:46:26PM +0200, Carlos Perelló Marín wrote:
> El lun, 15-09-2003 a las 21:06, Thomas Morin escribió:
> > Hi,
> Hi
> [...]
> > Here is the principle I propose :
> >   - at logout, gnome-session proposes the reboot and halt options to the user
> >   - if halt [or reboot] is chosen, a $HOME/.gdm-halt file [or .gdm-reboot]
> >     file is created
> >   - in the gdm PostSession script (which is run by gdm as root), the
> >     existence of those files is tested
> >   - if one of them exists and if the configuration allows, shutdown
> >     (or reboot) of the workstation is triggered
> It's not a bad idea but it has some security issues. What happens if an
> application executes "touch $HOME/.gdm-reboot"? the user does not want
> reboot the machine but a virus/trojan could do it without problems

What about gdm passing to gnome-session a magic number or something, and
gdm would only reboot/halt if this same magic number would be found in
the .gdm-reboot/halt file ?

As the magic number will only be known to gdm and gnome-session, it
should be secure, unless your random number generator is compromised,
but in these case, i suspect you are in deeper trouble anyway.

I am no security expert though.


Sven Luther

Reply to: