From owner-freebsd-current Thu Nov 22 6:56:38 2001 Delivered-To: freebsd-current@freebsd.org Received: from vbook.express.ru (asplinux.ru [195.133.213.194]) by hub.freebsd.org (Postfix) with ESMTP id 937E637B416 for ; Thu, 22 Nov 2001 06:56:35 -0800 (PST) Received: from vova by vbook.express.ru with local (Exim 3.31 #2) id 166vHO-0000IG-00; Thu, 22 Nov 2001 17:56:42 +0300 From: "Vladimir B. Grebenschikov" MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15357.4649.86766.85777@vbook.express.ru> Date: Thu, 22 Nov 2001 17:56:41 +0300 To: Hiten Pandya Cc: current@freebsd.org Subject: [SUGGESTION] - disallowing shutdown after su(1) In-Reply-To: <20011122144011.50097.qmail@web21104.mail.yahoo.com> References: <20011122144011.50097.qmail@web21104.mail.yahoo.com> X-Mailer: VM 6.96 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hiten Pandya writes: > hi all, > > correct me if i am wrong.. but.. > do you think, if we denied a shutdown after an su(1) > to root from a non-privileged user would be good... > > i tried this same thing at home.. i builded it and > installed it.. works fine for me... the patch below > will allow a shutdown only be logging into root itself > and not by issuing an su(1) command to root. > > this would be very good, i think if someone broke into > a normal user and was able to gain access into root > using su... (without a password..) > > i am submitting a tar.gz file, which has the patch for > the shutdown.8 manpage, and shutdown.c located at.. > src/sbin/shutdown.c... I think this idea have no any sence because beeing root you CAN shutdown machine not depending on how you became root. few examples: # kill -USR2 (see init(8) - halt) build fresh shutdown halt -q so ... > thanks... > > > ===== > regards, > Hiten Pandya > > > ---------------------------------------------------- > Guys!... stay away from Einstein Junior! > ---------------------------------------------------- > > __________________________________________________ > Do You Yahoo!? > Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. > http://geocities.yahoo.com/ps/info1 -- TSB Russian Express, Moscow Vladimir B. Grebenschikov, vova@express.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message