Date: 3 Aug 1997 18:39:10 +0300 From: Vladimir Litovka <doka@grunt.vl.kharkov.ua> To: freebsd-security@freebsd.org Subject: Re: setuid shutdown? Message-ID: <5s28mu$pev$1@grunt.vl.kharkov.ua>
next in thread | raw e-mail | index | archive | help
Hello!
Jonathan A. Zdziarski <jonz@netrail.net> wrote:
> I just realized that my version of freebsd 2.2.2 installs with a
> set-uid-root shutdown command allowing anybody who wants to to shutdown or
> reboot the server.
Why anybody? /sbin/shutdown installed as:
-r-sr-x--- root operator shutdown
So only users, that is in 'operator' group allowed to start this program.
This is enought security, I think.
Sinc, Doka
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~NewsGate~ (c) Vladimir Litovka <doka@kharkiv.net>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5s28mu$pev$1>