Re: Administration question

To: David_Neuer@stream.com
Cc: debian-user@lists.debian.org
Subject: Re: Administration question
From: Paul <paul@experimental.braille.uwo.ca>
Date: Mon, 18 Aug 1997 09:16:13 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.3.96.970818091231.22499C-100000@experimental.braille.uwo.ca>
In-reply-to: <[🔎] 00053D3C.@stream.com>

Hi David,  I work at Western university and we added a user shutdown.  We
told it when you log in to execute shutdown -h now and that is it.  That
might be the easiest way to do it.  A little time consuming but other then
that not the headaches that you could get if the system were to go down.
If you need anymore info, email me.
Paul


On Fri, 15 Aug 1997 David_Neuer@stream.com wrote:

> I am running a Debian system right now as a web development staging server.  At
> present, it is only on a local network, but could conceivably become a gateway
> to the Internet as well.  So for the time being, it is basically a two-user
> system (me and my wife).
> 
> I am teaching my wife to do web development, and would like her to be able to
> use the Linux system.  This includes having her be able to shut the system down
> when she's done using it (we can't afford to leave this old 486 system running
> without a pretty heavy subsidy from the electric co!).  My wife is not a real
> experienced computer user in general, and she has NO UNIX experience whatsoever. 
> Needless to say, I'm not really crazy about the idea of giving her root access,
> lest some simple mistake hose the system completely.
> 
> What would be the best way to enable her to run the shutdown command, without
> creating a giant security hole which might bite me in the @*% should this
> machine ever become a gateway?  My thoughts up to this point:
> 
> 1)  Creating a group consisting of my wife and myself, and doing a setuid and
> chmod 710 on the shutdown command itself, and changing group ownership to the
> group with me and her in it.
> 
> 2)  Creating a group consisting of my wife and myself, and writing a script
> which executes the shutdown command, then setting the ownership for the script
> to root, group ownership on the script to our group, and doing a setuid on just
> the script.
> 
> It seems to me that the second option is the best as I don't have to monkey
> around with the permissions on the command.  Is the second any more of a
> security concern than the first, or, as I assume, less?  Say my wife's user
> password is ridiculously easy to guess; do these give the same amount of system
> access to the person who cracks into her account?
> 
> Does anyone know of a better way to do this?
> 
> 
> --
> TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
> debian-user-request@lists.debian.org . 
> Trouble?  e-mail to templin@bucknell.edu .
> 


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Administration question
  - From: David_Neuer@stream.com

Prev by Date: Re: 6666 and 6667 ports..
Next by Date: Work-Needing and Prospective Packages
Previous by thread: Re: Administration question
Next by thread: Problem upgrading Debian
Index(es):
- Date
- Thread