Unprivileged user shutdown

Scott Garman sgarman at iname.com
Wed Oct 13 14:34:01 EDT 2004


On Wed, 2004-10-13 at 14:11, Michael ODonnell wrote:
> >  useradd -c "execute reboot"
> 	[...]
> >          -u 0
> >          poweroff
> 
> > There aren't any security problems here?  It seems like there could
> > be potential issues with having a "second root" account where the
> > password was known.  I'm not sure where exactly the problem would
> > come from, but it just seems like there could be potential issues.
> 
> 
> You're concerned that somebody might be able to use
> the "poweroff" user's credentials to gain other root
> privileges?  I've not heard of a scenario where this
> would be a problem.

The man page for su shows an option for changing the default shell that
is run, "-s". I assume the risk here would be if one of these users were
to run "su <shutdownacct> -s /bin/bash" and use the shutdown account's
password to obtain an unrestricted root shell. I've never tried this so
I'm not sure if that would work.

Perhaps a better solution would be to set up a normal user account (i.e.,
not uid=0) and give this user sudo access to run shutdown?

Scott

-- 
Scott Garman
sgarman at iname dot com
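
The following audit is an added example, not part of the original post: it flags accounts that share UID 0 with root, the "second root" setup this thread is worried about. The function names and the sample passwd entries (including the poweroff account's home directory and shell) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a passwd(5)-format file for accounts that share UID 0
# with root, such as the "poweroff" account discussed in this thread.

# find_extra_uid0 FILE: print "name shell" for every UID 0 entry not named root.
find_extra_uid0() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                   # skip comments and blank lines
        NF >= 7 && $3 ~ /^0+$/ && $1 != "root" {  # UID 0 under another name
            print $1, $7
        }
    ' "$1"
}

# audit_uid0 FILE: report findings; return 1 if any extra UID 0 account exists.
audit_uid0() {
    hits=$(find_extra_uid0 "$1")
    if [ -n "$hits" ]; then
        echo "UID 0 accounts other than root in $1:"
        echo "$hits" | sed 's/^/  /'
        return 1
    fi
    echo "no extra UID 0 accounts in $1"
    return 0
}

# Constructed sample data (not from a real system).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
poweroff:x:0:0:execute reboot:/tmp:/sbin/poweroff
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF

audit_uid0 "$SAMPLE" || true
# On a live system: audit_uid0 /etc/passwd
```

A non-zero return from `audit_uid0` makes it usable as a check in a cron job or configuration-management run.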