On Mon, Sep 15, 2003 at 09:46:26PM +0200, Carlos Perell� Mar�n wrote: > El lun, 15-09-2003 a las 21:06, Thomas Morin escribi�: > > Hi, > > Hi > > [...] > > > Here is the principle I propose : > > - at logout, gnome-session proposes the reboot and halt options to the > > user > > - if halt [or reboot] is chosen, a $HOME/.gdm-halt file [or .gdm-reboot] > > file is created > > - in the gdm PostSession script (which is run by gdm as root), the > > existence of those files is tested > > - if one of them exists and if the configuration allows, shutdown > > (or reboot) of the workstation is triggered > > It's not a bad idea but it has some security issues. What happens if an > application executes "touch $HOME/.gdm-reboot"? the user does not want > reboot the machine but a virus/trojan could do it without problems
What about gdm passing to gnome-session a magic number or something, and gdm would only reboot/halt if this same magic number would be found in the .gdm-reboot/halt file ? As the magic number will only be known to gdm and gnome-session, it should be secure, unless your random number generator is compromised, but in these case, i suspect you are in deeper trouble anyway. I am no security expert though. Friendly, Sven Luther
