[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

secure shutdown - sudo or setuid

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: secure shutdown - sudo or setuid
From: Hanspeter Roth <hanspeter_roth_(_at_)_hotmail_(_dot_)_com>
Date: Tue, 19 Feb 2002 22:37:59 +0100
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
Reply-to: misc_(_at_)_openbsd_(_dot_)_org

Hello,

this is about a pure client that dosen't offer any service which has
to be available such as a notebook or a station in a Lan.

What is the recomended way to allow a nonprivileged user to perform
a shutdown?
Should one set the uid-bit of /sbin/shutdown or configure sudo or is
there something better?
Sudo is probably better suited for medium to large networks. 
How about a standalone workstation?

I've read that sudo required a security patch. So is it secure now?

My configuration looks like:

root	ALL=(ALL) ALL
%users  ALL= NOPASSWD: /sbin/mount /mnt/cdrom,/sbin/umount /mnt/cdrom
%users  ALL= NOPASSWD: /sbin/mount /mnt/floppy,/sbin/umount /mnt/floppy
%users  thishost = NOPASSWD: /sbin/shutdown -* now


-Hanspeter

Follow-Ups:
- Re: secure shutdown - sudo or setuid
  - From: Saad Kadhi
- Re: secure shutdown - sudo or setuid
  - From: Bruno Rohee

Prev by Date: Thanks to all about 'mi'
Next by Date: ddb> in regress/sys/kern/unfdpass
Previous by thread: Thanks to all about 'mi'
Next by thread: Re: secure shutdown - sudo or setuid
Index(es):
- Date
- Thread

Visit your host, monkey.org