From owner-freebsd-current Thu Nov 22 16:11:45 2001
Delivered-To: freebsd-current@freebsd.org
Received: from router.hackerheaven.org (qn-213-73-194-201.quicknet.nl [213.73.194.201]) by hub.freebsd.org (Postfix) with ESMTP id 1524937B405 for ; Thu, 22 Nov 2001 16:11:38 -0800 (PST)
Received: by router.hackerheaven.org (Postfix, from userid 1000) id 725031CA3; Fri, 23 Nov 2001 01:11:21 +0100 (CET)
Date: Fri, 23 Nov 2001 01:11:21 +0100
From: Emiel Kollof
To: Hiten Pandya
Cc: current@freebsd.org
Subject: Re: [SUGGESTION] - disallowing shutdown after su(1)
Message-ID: <20011123011121.B17877@laptop.hackerheaven.org>
References: <20011122144011.50097.qmail@web21104.mail.yahoo.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20011122144011.50097.qmail@web21104.mail.yahoo.com>
User-Agent: Mutt/1.3.23i
X-Mailer: Mutt 1.3.23i (2001-10-09)
X-Editor: Vim http://www.vim.org/
X-Info: http://www.hackerheaven.org/
X-Info2: http://www.cmdline.org/
X-Info3: http://www.coolvibe.org/
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

* Hiten Pandya (hitmaster2k@yahoo.com) wrote:

[disallowing a su'ed root to shutdown the machine proposition snipped]

> this would be very good, i think if someone broke into
> a normal user and was able to gain access into root
> using su... (without a password..)

I fail to see anything 'good' in that... And there is a flaw in your reasoning. It really does not add any security. There are lots of other ways to shut down a computer without using 'shutdown'. Heck, if one had access to a compiler while being root there are a myriad more. Limiting the shut-down functions is a bad idea however you turn it. Usually, if you detect a break-in/intrusion, a shutdown can be the only way to save your data for post-mortem analysis.

People who restrict direct root logins are not far and between. It would be a real pain in the back end if one can not shut down a box if something awry or heinous is happening, to prevent further damage. Of course if people really want it, there's always your patch they can download and install :-) (don't you love free software for that?)

I also wonder why an attacker would want to shut down a box. The average script kid would want the box to be up and running, for whatever purpose, and for bragging rights of course. The only reason I see is denial of service. Meddling with the shutdown mechanisms is only cutting yourself in your fingers, as an administrator.

My guess is using some sense and sensibility is the best tool one could use to thwart attackers. Have you read "Practical UNIX and Internet Security", written by Simson Garfinkel and Gene Spafford? (ISBN 1-56592-148-8) I suggest you do. It will enlighten you where some real problems are.

Cheers,
Emiel

-- 
There's only one way to have a happy marriage and as soon as I learn what it is I'll get married again.
-- Clint Eastwood

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message