Very general shutdown question
James Alexander Cook
james.cook at utoronto.ca
Mon Feb 7 04:26:19 PST 2005
On Mon, Feb 07, 2005 at 11:49:22AM +0000, Dick Davies wrote:
> * Steven <freebsd at gizm0.org> [0203 23:03]:
> > Hello Ned,
> >
> > you can add the user to the operator group. it is possible to run
> > shutdown then (but not halt etc).
>
> Be caneful of that, I think operator has other privileges too
> (can read from any disk for starters).
>
>
> > You could also create a shutdown user with a login shell pointing to a
> > shutdown script.
>
> But that won't work if they still don't have permission to run it...
>
What if you put the shutdown user in the operator group?
I don't plan to use this solution, but out of curiousity, are there any
security problems with creating a privileged user with a widely known password
but a login shell that does something specific, like shutting down the system?
- James Cook
james.cook at utoronto.ca
More information about the freebsd-questions
mailing list