Re: shutdown prompt question

["Sean Middleditch" <sean middleditch Iname com>]

> Sean Middleditch <sean.middleditch@iname.com> writes:
> > Yes, root password or user password, or the password of any other user,
I believe.
> >  I'm not too sure on it's specifics.
> >
>
> I'm pretty sure it doesn't take whatever you typed and scan the whole
> password database and accept any matches. :-) It could, I guess, but I
> tend to doubt it. A pretty good hacking tool if it does...

Each program configures for consolehelper can be configured to require any
particular user's password, I believe.  I'm not too sure, as I haven't done
much with it's configuration (I've done things like setup linuxconf in it).

> > The actual  commands have root privaledges, I believe.
>
> No they don't :-)

Odd.  They did on my RedHat machine.  It was an upgrade from older versions,
perhaps that is why?  I'm now running Mandrake 7.0, and here, halt and
reboot have no root privaledges.

> > I have been able to run
> > them as a normal user.  If they aren't, you can always chmod 4777 on the
halt and
> > reboot executables (or the shutdown executable, since all halt and
reboot do is
> > call that program).
> >
>
> chmod 4777 is a fairly bad idea, I would say, if your machine so much
> as looks sideways at the internet. :-)

No one can telnet into my machine from the internet except for my machine at
school, so if someone can actually get in and run the commands, I have more
problems than the fact my machine has been halted/rebooted.  I seem to
forget most other people at their homes aren't set up like that.  Forgive
me.:)

> Anyway everyone can already execute the commands, but you need to be
> root for that execution to do anything. That is what PAM does for you.
> You could also use sudo or the like.

Sean Middleditch