Unprivileged user shutdown
Scott Garman
sgarman at iname.com
Wed Oct 13 14:34:01 EDT 2004
On Wed, 2004-10-13 at 14:11, Michael ODonnell wrote:
> > useradd -c "execute reboot"
> [...]
> > -u 0
> > poweroff
>
> > There aren't any security problems here? It seems like there could
> > be potential issues with having a "second root" account where the
> > password was known. I'm not sure where exactly the problem would
> > come from, but it just seems like there could be potential issues.
>
>
> You're concerned that somebody might be able to use
> the "poweroff" user's credentials to gain other root
> privileges? I've not heard of a scenario where this
> would be a problem.

The man page for su shows an option for changing the default shell that
is run, "-s". I assume the risk here would be if one of these users were
to run "su <shutdownacct> -s /bin/bash" and use the shutdown account's
password to obtain an unrestricted root shell. I've never tried this so
I'm not sure if that would work.

Perhaps a better solution would be to set up a normal user account (i.e.,
not uid=0) and give this user sudo access to run shutdown?

Scott
--
Scott Garman
sgarman at iname dot com
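
An audit for the "second root" accounts discussed in this thread, as an added example that is not part of the original post: it lists every account other than root whose UID is 0, together with its login shell. The sample passwd lines, the account names and the sudoers entry in the comments are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit a passwd-format file for extra UID-0 accounts.
#
# Assumed sudoers entry for the non-root alternative suggested in the thread
# (edit with visudo; the account name "shutdownuser" and the /sbin/shutdown
# path are assumptions, not values from the post):
#   shutdownuser ALL=(root) /sbin/shutdown -h now

# Constructed sample input: one real root, one UID-0 account whose login
# shell is a shutdown command, and one ordinary user.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
poweroff:x:0:0:execute reboot:/root:/sbin/poweroff
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF
}

# Print "name:shell" for every account other than root whose UID is 0.
# $1 = path to a passwd-format file (defaults to /etc/passwd).
find_extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 ":" $7 }' "${1:-/etc/passwd}"
}

# Return 0 when no extra UID-0 account exists, 1 otherwise; findings go to
# stderr so the function can be used in cron jobs or CI checks.
audit_passwd() {
    hits=$(find_extra_uid0 "$1")
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits" | sed 's/^/extra uid 0 account: /' >&2
        return 1
    fi
    return 0
}

# Demo on the constructed sample; pass a real path to audit a live system.
tmp=$(mktemp)
sample_passwd > "$tmp"
audit_passwd "$tmp" || echo "audit flagged the constructed sample"
rm -f "$tmp"
```

Any hit is a full root identity regardless of the login shell assigned to it, which is why the audit keys on the UID field and not on the account name or shell.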