Re: shutdown user and accountability

To: debian-security@lists.debian.org
Subject: Re: shutdown user and accountability
From: Mathias Palm <Mathias.Palm@gmx.net>
Date: Wed, 28 Nov 2001 16:48:45 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.21.0111281614020.406-100000@Monos>
In-reply-to: <[🔎] Pine.SOL.4.31.0111272215521.28772-100000@copland.udel.edu>


On Tue, 27 Nov 2001, Rishi L Khan wrote:

> How about Cntrl-Alt-Del? That shuts down a debian box without even logging
> in. As far as accountablity ... you could do it the old fashioned way and
> have a sign in sheet ... one stupid policy deserves another.
> 
> 		-rishi

It _can_ shut down a computer. You can change the behaviour by editing
/etc/inittab. E.G. my box hust prints "bla" by setting :

ca:12345:ctrlaltdel:/bin/echo bla

ps. sorry when this mail comes two or threefold, but somehow, I haven't 
seen it in the list yet, 

All the best

> 
> On 28 Nov 2001, Olaf Meeuwissen wrote:
> 
> > Blake Barnett <blake.barnett@developonline.com> writes:
> >
> > > On Tue, 2001-11-27 at 18:58, Olaf Meeuwissen wrote:
> > > > Blake Barnett <blake.barnett@developonline.com> writes:
> > > >
> > > > > Can't you give a group sudo access?  If so, just add everyone to a group
> > > > > and give that group sudo /sbin/halt or sudo /sbin/shutdown or both.
> > > >
> > > > That's exactly what my sudo setup does right now.  The problem is that
> > > > apparently *everyone* needs to be able to shut down the machine (for
> > > > reasons that are beyond me).  Added accounts on an as needed basis is
> > > > fine with me, but I don't fancy creating, oh, 250+ password protected
> > > > accounts just to meet policy.
> > >
> > > Ok, I guess I didn't understand that the accounts didn't already exist.
> > > Is this some sort of kiosk or something?
> >
> > Nope, just a file/web server (but I'm thinking of adding a programming
> > environment (EEK!) for educational purposes) that is in a place that
> > does not allow physical access restrictions (beyond being able to
> > enter the company premises).
> >
> > > If you can't wrap the stuff in a script --maybe it needs to be setuid?
> > > blech!--, and log it there, then I dunno what to tell ya.
> >
> > Not much use ;-), but thanks anyway!
> > --
> > Olaf Meeuwissen       Epson Kowa Corporation, Research and Development
> > GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97  976A 16C7 F27D 6BE3 7D90
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>

Reply to:

References:
- Re: shutdown user and accountability
  - From: Rishi L Khan <rishi@UDel.Edu>

Prev by Date: Re: [OT] resctrict ssh to localnet for some users but not for others.
Next by Date: Re: shutdown user and accountability
Previous by thread: Re: shutdown user and accountability
Next by thread: Re: shutdown user and accountability
Index(es):
- Date
- Thread