On 26/1/2000 Svante Signell wrote:
This question has been sent to the gnome, debian, redhat and suse
lists in December with no answer like this, see the summary in the
gnome-list or the debian-user list dated December 14 1999. The closest
was to use sudo or similar since I don't want to use xdm/gdm/kdm. Now only
remains how to find a similar solution for kde. (Gnome in Redhat already has a
solution for this via PAM)
Any security issues with the solution below?
yes, anyone and there brother can now execute shutdown as root and
thus anyone can shutdown the system, usually not what you want.
whether someone could somehow get a rootshell out of a suid shutdown
I do not know but i would not take the chance.
much better way to do this is add anyone who is allowed to shutdown
to sudoers and add the following script to /usr/local/bin
#! /bin/sh
sudo shutdown -h now
redhat has a convoluted solution that turned out to be insecure, they
have since fixed it, but still I would not run their usermode module
on my system after that..
sudo is just as easy and much safer.
--
Ethan Benson
To obtain my PGP key: http://www.alaska.net/~erbenson/pgp/
