[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-ppc
Subject:    Re: Odd shutdown from KDE to single user
From:       Martin Costabel <costabel () wanadoo ! fr>
Date:       1999-11-29 22:47:12
[Download RAW message or body]


Hollis R Blanchard wrote:
> 
> On Mon, 29 Nov 1999, Adam Price wrote:
> >
> > My unpriveledged username is ami.  If ami issues the command "shutdown
> > now" from a kde window, he is prompted for his password.  The
> > unpriveledged password given, kde shuts down to single user mode, with
> > root access.  Is this correct?  For me it doesn't matter, since I am the
> > only user, but how would I prevent this if I had more users?
> 
> I noticed that too. I think I was told it's "correct". The cause might be the
> line
>   account    required     /lib/security/pam_permit.so
> in /etc/pam.d/shutdown, which seems to imply it's sufficient to simply have an
> account on the system to shut it down. /usr/doc/pam-* has info on the config
> file syntax, but I don't really have time to look through it right now...

man consolehelper explains this, too. The idea is that anyone sitting at
your console can shut your computer down anyway, by pulling the power
plug, for example. If you are not root, this works only at the console,
not over the net (and only if /usr/bin comes before /sbin in your
$PATH).

--
Martin

** Sent via the linuxppc-user mail list. See http://lists.linuxppc.org/

[prev in list] [next in list] [prev in thread] [next in thread]