[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shutdown/halt as user

According to David Wright:
> > Stuff like this doesn't belong in sysvinit. It belongs in an
> > optional package that can call shutdown, not in shutdown itself.
> > Let alone in the halt binary!
> 
> Fine, I wouldn't object.
> 
> But I would point out that (1) you don't loose any modularity with a pam 
> layer, since you can configure pam to require or not require just about 
> anything you want

A PAM layer to do what? Currently, halt doesn't *have* anything
like an interactive dialog built in. It isn't setuid. It's not
meant to be called by users.

That is the stuff that doesn't belong in halt. You might as well
build an interactive shutdown dialog into /bin/mknod, that would
make just as much sense.

> and (2) such a code change is hardly an unprecedented 
> security risk -- login, for example, has already been pam-ified.

You don't understand.

Mike.
-- 
Computers are useless, they only give answers. --Pablo Picasso
Reply to: