Re: Embarrassing security bug in systemd
On Wed, 6 Dec 2017 17:35:18 -0500
Michael Stone <mstone@debian.org> wrote:
> On Wed, Dec 06, 2017 at 10:52:17PM +0100, Urs Thuermann wrote:
> >Yesterday, my 10 years old son logged into my laptop running Debian
> >jessie using his account, and curiously asked if he is allowed to try
> >the /sbin/reboot command. Knowing I have a Linux system as opposed
> >to some crappy Win machine, I replied "sure, go ahead and try".
> >Seconds later I was completely shocked when the machine actually
> >rebooted...
>
> It's a feature. Users at the console can reboot, on the theory that
> if someone's sitting at the laptop they could also just push the
> power button...
>
I think the point here is that it never used to be, and I don't recall
any publicity about the change. Of course, I'm a mere user, not a
developer.... but I do read changelogs, and I've never seen it there.
I've used a server since sarge, and never had the slightest trace of a
GUI installed. I would therefore consider myself a console user, and I
always had to use sudo to shutdown or reboot, or su on a new
installation. There was never any difference, local or remote.
Several years ago, I used to use LXDE on my workstation (between the
introductions of Gnome3 and systemd on unstable, to date it) and one
day it would not shut down from the desktop applet. I needed to open
a terminal to shutdown, and *then* I needed to use sudo and a
password. After doing it for a while with no fix, I switched to Xfce,
which I've used since, for this precise reason.
So it certainly used to work the other way around: DEs had workarounds
so that root or sudo was not necessary to power off, but the console
command did need root privileges. It may be different now, but it's a
long time since I accidentally issued a shutdown command without root
privileges, and I'm not going to do it at the moment.
--
Joe
Reply to: