[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Embarrassing security bug in systemd

On Fri, 8 Dec 2017 23:56:44 +0000
Brian <ad44@cityscape.co.uk> wrote:

> On Fri 08 Dec 2017 at 23:06:00 +0000, Joe wrote:
> 
> > On Fri, 8 Dec 2017 17:12:18 -0500
> > Cindy-Sue Causey <butterflybytes@gmail.com> wrote:
> >   
> > > 
> > > I do remember having to give a password, but I don't remember how
> > > long ago now. And I have too much open right now to test drive
> > > whether mine does it or not these days.. :)
> > >   
> > As I did the other day. I've tried it now (up-to-date unstable) and
> > it works for a non-root user.  
> 
> Without policykit-1 installed it doesn't; no rebooting or powering
> off with /sbin/reboot or /sbin/poweroff for a user. CTRL+ALT+DEL
> from a terminal reboots. That's the same behaviour as sysvinit.
> 

Yes, I understand that, the point is that the first installation of
policykit-1, which I did not explicitly request, did not ask me if I
wanted non-root users to be able to reboot, or indeed about anything
else it might control. Not that it matters on any of my machines, I'd
just like to have been told that it was changing, and given the option
to keep it as it was had I needed to.

-- 
Joe
Reply to: