From owner-freebsd-security Sun Aug 3 07:33:42 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA26325 for security-outgoing; Sun, 3 Aug 1997 07:33:42 -0700 (PDT)
Received: from grunt.vl.kharkov.ua (news@grunt.vl.kharkov.ua [193.124.76.209]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA26320 for ; Sun, 3 Aug 1997 07:33:35 -0700 (PDT)
Received: (from news@localhost) by grunt.vl.kharkov.ua (8.8.6/8.8.6) id SAA26084 for dev.null; Sun, 3 Aug 1997 18:39:12 +0300 (EEST)
To: freebsd-security@freebsd.org
Subject: Re: setuid shutdown?
Date: 3 Aug 1997 18:39:10 +0300
Message-ID: <5s28mu$pev$1@grunt.vl.kharkov.ua>
X-Newsreader: TIN [UNIX 1.3 unoff BETA 970709; i386 FreeBSD 2.2.2-RELEASE]
X-Via: News-To-Mail v1.0
From: Vladimir Litovka
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hello!

Jonathan A. Zdziarski wrote:

> I just realized that my version of freebsd 2.2.2 installs with a
> set-uid-root shutdown command allowing anybody who wants to to shutdown or
> reboot the server.

Why anybody? /sbin/shutdown is installed as:

    -r-sr-x--- root operator shutdown

So only users that are in the 'operator' group are allowed to start this
program. This is enough security, I think.

Sinc, Doka
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~NewsGate~ (c) Vladimir Litovka
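
The mode string quoted in the message above is what decides who can reach the setuid binary. The following is an added example, not part of the original message: Python code (function names are assumptions) that parses an ls -l mode string and reports which permission classes have the execute bit, comparing the quoted -r-sr-x--- with a constructed world-executable mode.

```python
import stat

CLASSES = ("owner", "group", "other")
EXEC_BITS = (stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH)
SPECIAL_BITS = (stat.S_ISUID, stat.S_ISGID, stat.S_ISVTX)


def parse_ls_mode(text):
    """Turn an ls -l mode string such as '-r-sr-x---' into numeric mode bits."""
    if len(text) != 10:
        raise ValueError("expected 10 characters: %r" % text)
    mode = 0
    for i in range(3):
        r, w, x = text[1 + 3 * i:4 + 3 * i]
        letter = "t" if i == 2 else "s"  # ls shows sticky as t, set-id as s
        if r not in "r-" or w not in "w-" or x not in "x-" + letter + letter.upper():
            raise ValueError("bad permission triple in %r" % text)
        shift = 6 - 3 * i
        if r == "r":
            mode |= 4 << shift
        if w == "w":
            mode |= 2 << shift
        if x in ("x", letter):    # lowercase letter: special bit plus execute
            mode |= EXEC_BITS[i]
        if x.lower() == letter:   # either case: the special bit is set
            mode |= SPECIAL_BITS[i]
    return mode


def setuid_exposure(text):
    """Return (is_setuid, classes whose execute bit is set) for a mode string."""
    mode = parse_ls_mode(text)
    allowed = [c for c, bit in zip(CLASSES, EXEC_BITS) if mode & bit]
    return bool(mode & stat.S_ISUID), allowed


if __name__ == "__main__":
    samples = [
        ("-r-sr-x---", "mode quoted in the message (root:operator)"),
        ("-r-sr-xr-x", "constructed sample: world-executable setuid"),
    ]
    for text, label in samples:
        is_setuid, allowed = setuid_exposure(text)
        print("%s %04o setuid=%s exec=%s  # %s"
              % (text, parse_ls_mode(text), is_setuid, ",".join(allowed), label))
```

With the quoted mode, the execute bit is set only for the owner (root) and the group (operator), so the membership of the operator group is what needs auditing.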