[plug] Question on Linux system security

Andrew Furey simpware at yahoo.com
Tue Aug 14 19:36:27 WST 2001


> > As a normal user you can reboot the machine from
> > the console.

> Eh?  Not like that you can't.
> [snip] 
> But you can always use the three finger salute.  I
> think most distros
> enable that (in /etc/inittab) for any user logged in
> at the console (or
> no user logged in on the console.)

I believe there is a file /etc/shutdown.allow, which
if it exists, then only the users (other than root)
who are listed in the file are allowed to call
shutdown.

Hence the most secure setup in this regard would have
the file existing but empty. Presumably this would
prevent all shutdown methods for users, since they all
use shutdown eventually... 

Only thing is, you have to pass -a to shutdown, but
this could be easily done in /etc/inittab for
Ctrl-Alt-Del (not sure about halt/reboot though).

Andrew


=====
In a world without walls and fences, who needs windows and gates?

_____________________________________________________________________________
http://shopping.yahoo.com.au - Father's Day Shopping
- Find the perfect gift for your Dad for Father's Day



More information about the plug mailing list