[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: restart / shutdown by normal user



On Mon, Jan 20, 2003 at 04:22:34PM -0700, Bob Proulx wrote:
> Craig Jackson wrote:
> > # chmod +s /sbin/shutdown
> > 
> > This is not something I would do though. Why don't you do this when you
> > want to shut down:
> 
> I recommend against doing that chmod on shutdown.  It has not been
> inspected for security holes and that might open big ones.
> 
> If you really want any user that can log into the box to be able to
> reboot it then instead, install sudo, then put something like this in
> the sudoers file (using visudo).
> 
> ALL     ALL=NOPASSWD: /sbin/shutdown

Hmmmm, I'm intrigued: how is this different to setuid'ing it?  Any user
can still run it as root...

-rob

Attachment: pgpz9Ixl05cye.pgp
Description: PGP signature


Reply to: