From owner-freebsd-questions Fri Mar 21 05:13:48 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id FAA14678 for questions-outgoing; Fri, 21 Mar 1997 05:13:48 -0800 (PST) Received: from horton.iaces.com (root@horton.iaces.com [204.147.87.98]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA14673 for ; Fri, 21 Mar 1997 05:13:45 -0800 (PST) Received: (from proot@localhost) by horton.iaces.com (8.8.5/8.8.4) id HAA16264; Fri, 21 Mar 1997 07:13:42 -0600 (CST) From: "Paul T. Root" Message-Id: <199703211313.HAA16264@horton.iaces.com> Subject: Re: chmod, chown, and shutdown. To: durang@u.washington.edu (K. Marsh) Date: Fri, 21 Mar 1997 07:13:42 -0600 (CST) Cc: questions@freebsd.com In-Reply-To: from "K. Marsh" at "Mar 20, 97 04:18:17 pm" X-Organization: !nterprise Networking Services - ACES X-Phone: (612) 663-1979 X-Fax: (612) 663-8030 X-Page: (800) SKY-PAGE PIN: 537-7270 X-Address: 200 S. 5th St., Suite 1100 X-Address: Minneapolis, MN 55402 X-Mailer: ELM [version 2.4ME+ PL22 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk In a previous message, K. Marsh said: > My roomate uses my computer to check his e-mail and do a little web > browsing in FreeBSD, as well as to use Word, Excel, and other expensive > programs in that other operating system. > > How can I give him the ability to issue "shutdown" without giving him root > privileges? > > I am aware that it may be a security hole, but he's not going to hack my > system. I just don't want him to able to destroy everything by accident. > > I tried using chmod and chown on the binary, but even when he owns it and > it's in 777 mode, it doesn't execute. > > I'm using 2.2-RELEASE if it makes any difference. > > Thanks, Ken Marsh I create another user that has shutdown halt or reboot as its login shell. And have its ID as 0. In the past, I've also put halt or reboot on port that you can telnet to (in inetd.conf). Though I wouldn't recommend either for machines that connect on the internet. -- "Yeah, I hit her, but I didn't hit her more than the average guy beats his wife." --Ike Turner, explaining his persistent abuse of his former wife, singer, Tina Turner, 1985.