On Sunday 22 March 2015 13:04:44 Nikos Chantziaras wrote: > On 22/03/15 12:30, Peter Humphrey wrote: > > On Saturday 21 March 2015 16:20:17 Jc García wrote: > >>> Interesting. But as I said ealier, I can reboot the system when I am a > >>> user by Ctrl+Alt+Delete. The user can reboot the system, but can't > >>> shut > >>> down? Strange > >> > >> It's not strange, `man 2 reboot`. It's a defined behavior. > > > > I'm with German here. Being designed that way doesn't stop it being > > strange. > > > > Consider: I'm an ordinary user sitting at a terminal. I'm not allowed to > > halt the machine, but I am allowed to reboot it into perhaps some quite > > other configuration. Or I can keep rebooting it over and again, > > effectively preventing the machine from doing its job. How does that > > make sense? > The thinking is that you can unplug the machine, or press the hardware > reset or power button, or flip the PSU switch... > > Preventing a ctrl+alt+del reboot does not add anything to security. > Security doesn't really apply to users with physical access to the > machine.
Indeed, as witness many successful hijacks of supposedly secure systems. > However, this is just a default. You can easily disable reboot on > ctrl+alt+del by editing /etc/inittab and commenting-out this line: > > ca:12345:ctrlaltdel:/sbin/shutdown -r now All good sense. > Note though, that is someone wants to reboot, and ctrl+alt+del doesn't > work, pressing the reset button is far worse, since there's no clean > shutdown performed (unmounting filesystems after flushing caches, etc.) > Because of that, the default of allowing ctrl+alt+del for local users > makes more sense than disabling it. And there's no arguing with that! :_) -- Rgds Peter.
