Bug 8127 - Any user can shutdown RH 6.x boxen
Summary: Any user can shutdown RH 6.x boxen
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: usermode
Version: 6.0
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Michael K. Johnson
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2000-01-03 04:20 UTC by preed
Modified: 2008-05-01 15:37 UTC (History)
CC List: 0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2000-01-04 14:13:26 UTC



Description preed 2000-01-03 04:20:41 UTC
This surprised the hell out of me, but I tried it with my current, fresh
RHAT 6.1 install, and it worked perfectly. Very simply, any user can
shutdown a RHAT 6.x box.

[preed@excelsior preed]$ whoami
preed
[preed@excelsior preed]$ shutdown -k now
Password: <typed in preed's password>
Broadcast message from root Sun Jan  2 20:31:24 2000...

The system is going down to maintenance mode NOW !!
[preed@excelsior preed]$

Now, I don't know if this is a "feature," but allowing any user to shutdown
boxen on RHAT 6.x isn't a good thing (tm).

I tested with 6.1; a friend who told me about it tested with 6.0.

BTW, props to Kennan (kmblehm@sigkill.com) for reporting this to me...

Comment 1 Jeff Johnson 2000-01-04 14:13:59 UTC
This is a feature of PAM console. Any user who has access to the console
and knows the password of the logged in user can shutdown a Red Hat 6.1
box.

Comment 2 preed 2000-01-04 22:18:59 UTC
I just tested this by logging in remotely through an ssh session, and executing
the same string of commands as shown above; the same result occurred (a shutdown
commenced). I also tested this through an xterm, NOT on the console.

I will be testing this more thoroughly on someone else's box tonight, but I
wouldn't call something where any Joe Blow user who has access to a RHAT 6.x box
can shut it down a "feature."

If it is indeed a "feature," how do I turn said "feature" off?

Comment 3 Marek 'PAVUK' Antozi 2000-02-24 12:19:59 UTC
It works on RH 6.2 beta too .. usermode-1.19-2 ...
I fixed this by editing the files in /etc/security/console.apps, for example:
$ cat halt
USER=root
PROGRAM=/sbin/halt

It works ... I think it would be more secure to distribute the usermode package
with these fixes ... please ...
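The script below is an added example written for this page; it is not part of the bug report and not code from the usermode package. It audits a usermode console.apps directory in the spirit of the fix in comment 3 and the pam_console explanation in comment 4: an entry whose USER line is <user> lets a console user run the PROGRAM after entering their own password, while USER=root requires the root password. The directory is passed as a parameter so the check runs against a constructed sample here; on a real system it would be pointed at /etc/security/console.apps. The sample file contents are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the bug thread or the usermode project.
# Audit a usermode console.apps directory: report entries that a console
# user can run with only their OWN password (USER=<user>) instead of root's
# (USER=root, the change described in comment 3 for /etc/security/console.apps/halt).

# audit_console_apps DIR
#   prints one line per entry that is not USER=root
#   returns 0 if every entry requires root, 1 otherwise
audit_console_apps() {
    dir="$1"
    weak=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        # usermode reads KEY=VALUE lines; take the first USER= and PROGRAM= lines
        user=$(sed -n 's/^USER=//p' "$f" | head -n 1)
        program=$(sed -n 's/^PROGRAM=//p' "$f" | head -n 1)
        case "$user" in
            root)
                # caller must authenticate as root: the hardened form
                ;;
            "<user>")
                echo "WEAK $name: ${program:-?} runs after the caller's own password (USER=<user>)"
                weak=1
                ;;
            *)
                # unset or some other account: needs a manual look
                echo "CHECK $name: ${program:-?} has USER=${user:-unset}"
                weak=1
                ;;
        esac
    done
    return $weak
}

# make_sample: builds a constructed console.apps directory with one entry
# in the as-shipped form from the report and one in the hardened form.
make_sample() {
    d=$(mktemp -d)
    printf 'USER=<user>\nPROGRAM=/sbin/halt\nSESSION=true\n' > "$d/halt"
    printf 'USER=root\nPROGRAM=/sbin/shutdown\n' > "$d/shutdown"
    echo "$d"
}

sample=$(make_sample)
audit_console_apps "$sample" || echo "one or more entries do not require the root password"
rm -rf "$sample"
```

Run as-is to see the constructed sample audited, or call audit_console_apps /etc/security/console.apps on a host with usermode installed; a clean run prints nothing and exits 0.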

Comment 4 Nalin Dahyabhai 2000-02-28 22:11:59 UTC
Are you sure you are not also logged in at the console?  The definition of
"console" pam_console uses is the physical screen/keyboard combination.  If
you are logged in on a VT and then start X, you are still logged in at the
console.  That you are executing the halt command from an xterm is immaterial.
The same applies for situations where you log in remotely.  If you happen to
be logged in at the workstation at the same time, you will be able to execute
commands that require access to the console.

Comment 5 preed 2000-02-29 00:36:59 UTC
I just tested this in my RHAT 6.1 box (usermode-1.18-1) where I was ONLY logged
in through X (i.e. runlevel 5), and it prompted me for my password, and executed
the halt.

So, for clarification, I was NOT logged in to a VT.

Immaterial of all of this, assuming that because someone is logged in on the
console, they should have the right to shut down the machine with their own
password is not a "feature." It's a bug, and RHAT should just admit it, and fix
it.

