Hi! On Sun, 09 Jul 2000, Bob Bernstein wrote:
> I suppose the moral of the story is, "Don't leave root logins unattended."
> (But wouldn't it be simpler to have, as a possible line in
> /etc/shutdown.allow, "none"?)
May I quote the man page[1]?
[...]
If shutdown is called with the -a argument (add
this to the invocation of shutdown in /etc/inittab), it
checks to see if the file /etc/shutdown.allow is present.
It then compares the login names in that file with the
list of people that are logged in on a virtual console
(from /var/run/utmp). Only if one of those authorized
users or root is logged in, it will proceed. [....]
So, why put none, or bin or anything it, if what counts is
the mere existense of the file. And if root is logged in,
shutdown always succeds.
Just my EUR 0.0.2
yours,
peter
1. Hehe, as if you could stop me :)
--
PGP encrypted messages preferred.
http://www.cosy.sbg.ac.at/~ppalfrad/
pgpDUyOqhlCBr.pgp
Description: PGP signature
