secure shutdown - sudo or setuid


This is about a pure client that doesn't offer any service which has
to be available, such as a notebook or a station in a LAN.

What is the recommended way to allow a nonprivileged user to perform
a shutdown?
Should one set the uid-bit of /sbin/shutdown or configure sudo or is
there something better?
Sudo is probably better suited for medium to large networks. 
How about a standalone workstation?

I've read that sudo required a security patch. So is it secure now?

My configuration looks like:

root	ALL=(ALL) ALL
%users  ALL= NOPASSWD: /sbin/mount /mnt/cdrom,/sbin/umount /mnt/cdrom
%users  ALL= NOPASSWD: /sbin/mount /mnt/floppy,/sbin/umount /mnt/floppy
%users  thishost = NOPASSWD: /sbin/shutdown -* now
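
Added example, not part of the original post: the sudoers manual notes that command-line arguments are matched as a single concatenated string, so a wildcard also matches across word boundaries. The sketch below approximates that with Python's `fnmatch` to show which argument lists the `-* now` pattern admits; the explicit allowlist and the sample invocations are constructed assumptions.

```python
from fnmatch import fnmatchcase

# Argument pattern taken from the rule "/sbin/shutdown -* now".
WILDCARD_ARGS = "-* now"

# Hypothetical tighter policy (assumption): exact argument lists only.
EXPLICIT_ARGS = {("-h", "now"), ("-r", "now")}


def wildcard_allows(argv):
    """Approximate sudoers matching: join args with spaces, then glob."""
    return fnmatchcase(" ".join(argv), WILDCARD_ARGS)


def explicit_allows(argv):
    """Allow only argument lists that appear verbatim in the allowlist."""
    return tuple(argv) in EXPLICIT_ARGS


def audit(candidates):
    """Return argument lists the wildcard admits but the allowlist rejects."""
    return [a for a in candidates
            if wildcard_allows(a) and not explicit_allows(a)]


# Constructed sample invocations of shutdown (arguments only).
SAMPLES = [
    ["-h", "now"],               # halt now: intended
    ["-r", "now"],               # reboot now: intended
    ["-k", "now"],               # warning only, no shutdown
    ["-h", "-t", "60", "now"],   # extra option pair between "-" and "now"
    ["-r", "-F", "now"],         # forces fsck on the next boot
    ["-h", "+10"],               # delayed halt: does not end in " now"
    ["now"],                     # no leading option
]

if __name__ == "__main__":
    for argv in SAMPLES:
        print(f"{' '.join(argv):<16} wildcard={wildcard_allows(argv)!s:<5} "
              f"explicit={explicit_allows(argv)}")
    print("admitted only by the wildcard:", audit(SAMPLES))
```

Listing each permitted command line in full (for example `/sbin/shutdown -h now, /sbin/shutdown -r now`) removes the difference the audit reports.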