On Tuesday 31 July 2001 h:18, Tzafrir Cohen wrote:
> On Tue, 31 Jul 2001, Jay DeKing wrote:
> > To allow users other than root to shut down the computer safely:
> >
> > 1. Start up the userconf utility (you will need the root password)
> > 2. Select "user accounts"
> > 3. Select the user to whom you wish to grant the ability to shut down.
> > 4. Under the "Privileges" tab, activate the "Granted" button next to the
> > "May shutdown" option.
> > 5. Accept the changes and exit userconf.
>
> But this means that the user will be able to shutdown only through
> linuxconf's interface.
Are you sure about that? I did this with my personal account and I can shut
down from the logout screen.
Jay
>
> Also, if the user is working in the console, there is the obvious way of
> pressing ctrl-alt-del (maybe pressing ctrl-alt-f1 to get out of X first).
>
> This is something _very_ simple if only trusted users are to have physical
> acces to the system.
>
> > Jay
> >
> > On Monday 30 July 2001 h:44, Ric Tibbetts wrote:
> > > You need to do a set UID to root, so that it will always run as root,
> > > no matter who launches. Then control execute permission with the group
> > > as you're trying to do.
>
> Generally you shouldn't make the binary itself SUID root, because you can
> never know what parameters it can receive. Instead you should use programs
> like sudo or super, which allow a much better control over what paramters
> are allowed to pass to those commands, who may run those commands, etc.
--
I used to think I had an appetite for destruction, but all I really wanted
was a club sandwich.
