Date: Fri, 10 Dec 2010 01:27:58 -0600 From: Adam Vande More <amvandemore@gmail.com> To: Rob Farmer <rfarmer@predatorlabs.net> Cc: freebsd-stable@freebsd.org Subject: Re: /sbin/reboot Message-ID: <AANLkTinAQDD%2BKkgz25k2_1hyiwn3E50qExpdO3vYDZR2@mail.gmail.com> In-Reply-To: <AANLkTi=D5LrCCAdOc5FLp%2BXgBu=yNkuP4QoAgeGHUYfq@mail.gmail.com> References: <AANLkTimEvQ7amDeFE9eG%2BO9G664jXAWb9hhSt0bU%2B3DR@mail.gmail.com> <20101210060335.BCDCC1CC12@ptavv.es.net> <AANLkTikgGSyRLnDS6Oihw2u3SYjeZRrQWdSa9Z4t7UAE@mail.gmail.com> <AANLkTi=D5LrCCAdOc5FLp%2BXgBu=yNkuP4QoAgeGHUYfq@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Dec 10, 2010 at 1:04 AM, Mark Andrews <marka@isc.org> wrote: > When you have administered multi-user systems you learn to do things > gracefully unless you actually need to do things abbruptly. > Yes I of course I use shutdown -r on a multi-user system in the rare times I deal with one. However that's not much of a reason not to have reboot in the operator group, especially if you're like me in thinking the vast majority of installs are single user type systems. As the end of the day, it's pretty trivial to me one way or the other but I do think the current way is a POLA violation. On Fri, Dec 10, 2010 at 1:10 AM, Rob Farmer <rfarmer@predatorlabs.net>wrote: > I haven't thought about the situation in any detail, but nothing jumps > out at me from the manpage. > shutdown will also pass the -n flag to reboot or halt as the man page describes. Also the simplest DoS from shutdown -p/h. All I'm saying is that if you're comfortable with the privs operator gives to the user, there shouldn't be much qualms in granting reboot's functionality. Looks like just mksnap_ffs and shutdown have operator grouping by default. -- Adam Vande More
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTinAQDD%2BKkgz25k2_1hyiwn3E50qExpdO3vYDZR2>