Unprivileged user shutdown

Michael ODonnell michael.odonnell at comcast.net
Wed Oct 13 14:12:01 EDT 2004


>  useradd -c "execute reboot"
	[...]
>          -u 0
>          poweroff

> There aren't any security problems here?  It seems like there could
> be potential issues with having a "second root" account where the
> password was known.  I'm not sure where exactly the problem would
> come from, but it just seems like there could be potential issues.


You're concerned that somebody might be able to use
the "poweroff" user's credentials to gain other root
privileges?  I've not heard of a scenario where this
would be a problem.

BTW, if these people have physical access to the machine
and you don't trust them, you have bigger security problems
to solve than this one...
 



More information about the gnhlug-discuss mailing list