Re: Problem with '/etc/shutdown.allow'

To: debian-user@lists.debian.org
Subject: Re: Problem with '/etc/shutdown.allow'
From: miquels@cistron.nl (Miquel van Smoorenburg)
Date: 18 Oct 2000 09:30:10 GMT
Message-id: <8sjqj2$35o$1@enterprise.cistron.net>
References: <39EB2C2C.13F7D8DC@netway.at> <844s2c89bj.fsf@snoopy.apana.org.au> <20001017051707.B21770@plato.local.lan> <844s2b6puo.fsf@snoopy.apana.org.au>

In article <844s2b6puo.fsf@snoopy.apana.org.au>,
Brian May  <bam@debian.org> wrote:
>It looks like (to me) that making shutdown setuid root means anybody
>can shutdown the computer, from any location, as /etc/shutdown.allow
>is only checked when -a is passed. Am I wrong?

No, that is correct. Shutdown wasn't really designed to be run setuid.
It might have 1 or 2 buffer overruns as well so you *really* don't
want to make it setuid root.

>If I am wrong, then the documentation should be corrected for this
>special case.

No need to, the documentation is correct as well.

Mike.

Reply to:

References:
- Problem with '/etc/shutdown.allow'
  - From: Andreas Hetzmannseder <hetzmann@netway.at>
- Re: Problem with '/etc/shutdown.allow'
  - From: Brian May <bam@debian.org>
- Re: Problem with '/etc/shutdown.allow'
  - From: Ethan Benson <erbenson@alaska.net>
- Re: Problem with '/etc/shutdown.allow'
  - From: Brian May <bam@debian.org>

Prev by Date: X Font changed after woody dist-upgrade
Next by Date: Re: howto reflect cfdisk changes
Previous by thread: Re: Problem with '/etc/shutdown.allow'
Next by thread: Re: Problem with '/etc/shutdown.allow'
Index(es):
- Date
- Thread