Devdas Bhagat wrote:
>
> Does consolehelper have permission to execute shutdown? consolehelper is
> suid root, but I presume that it will look only in the current path for
> the executable, and not outside it. (su does not change your current
> path).
Basically, for any program under /sbin, i.e. for /sbin/foo, there is a
corresponding program called /usr/bin/foo that is executable by non-root
users. These files are executed through console-helper. console-helper
will check for file /etc/pam.d/foo and only if it exists will allow user
to execute foo. But I can bypass all this by just executing /sbin/foo
regardless of who or where I am.
> If you want to shutdown the physical console (as different from
> terminal), then you need to be root. Else, the user should be able to
> shutdown. (I have no network experience, but this may be a possibility).
That's my problem. If someone telnets into my system and executes
/sbin/shutdown, what then? Ok, I can set /sbin/shutdown as -rwx------
and that will save me, but why isn't it default? This seems to be a bug in
RedHat at least. I think everyone should check their systems to see if
programs in /sbin and /usr/sbin are world executable.
Let's make a list of distros that have this problem and tell them about
it.
Philip
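
The check proposed in the message above, as an added example that is not part of the original post: it lists world-executable files in /sbin and /usr/sbin and, for each, reports whether it is setuid, whether a /usr/bin wrapper exists, and whether /etc/pam.d has a matching file. The `audit_sbin` name, the optional root-prefix argument and the assumption that a wrapper is a symlink whose target ends in `consolehelper` are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit sbin programs for the
# world-execute bit and relate each one to the consolehelper wrapper scheme.

# audit_sbin [ROOT]
#   ROOT is an optional prefix (assumption of this example) so the audit can
#   run against a constructed directory tree instead of the live system.
# Prints one line per world-executable file:
#   /sbin/foo setuid=yes|no wrapper=yes|no pam=yes|no
audit_sbin() {
    root="${1:-}"
    for dir in /sbin /usr/sbin; do
        [ -d "$root$dir" ] || continue
        # -H follows the start path if it is a symlink (merged /usr layouts);
        # -perm -0001 matches files with the "other" execute bit set.
        find -H "$root$dir" -maxdepth 1 -type f -perm -0001 | sort |
        while IFS= read -r path; do
            name=$(basename "$path")
            suid=no; wrapper=no; pam=no

            # Without the setuid bit the program runs with the caller's rights.
            [ -u "$path" ] && suid=yes

            # Assumed wrapper layout: /usr/bin/foo is a symlink to consolehelper.
            link="$root/usr/bin/$name"
            if [ -L "$link" ]; then
                case "$(readlink "$link")" in
                    *consolehelper) wrapper=yes ;;
                esac
            fi

            # consolehelper only allows foo when /etc/pam.d/foo exists.
            [ -f "$root/etc/pam.d/$name" ] && pam=yes

            printf '%s setuid=%s wrapper=%s pam=%s\n' \
                "$dir/$name" "$suid" "$wrapper" "$pam"
        done
    done
}
```

Call `audit_sbin` with no argument to audit the running system. A world-executable file that is not setuid runs with the invoking user's own privileges, so the `setuid=yes` lines are the ones to review first.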