Unprivileged user shutdown
Cole Tuininga
colet at code-energy.com
Wed Oct 13 14:53:00 EDT 2004
On Wed, 2004-10-13 at 14:33, Scott Garman wrote:
> The man page for su shows an option for changing the default shell that
> is run, "-s". I assume the risk here would be if one of these users were
> to run "su <shutdownacct> -s /bin/bash" and use the shutdown account's
> password to obtain an unrestricted root shell. I've never tried this so
> I'm not sure if that would work.

This is exactly the kind of thing I was concerned about. Surprisingly,
I tried it on a local test system here, and doing a:

    # su -s /bin/bash shutdown
    [ask for password]

from a normal user, still caused the system to power down. How was that
accomplished? Anybody?

--
"... one of the main causes of the fall of the Roman Empire was that,
lacking zero, they had no way to indicate successful termination of
their C programs." -- Robert Firth
Cole Tuininga
Lead Developer
Code Energy, Inc
colet at code-energy.com
PGP Key ID: 0x43E5755D