[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Shutdown process from login prompt

> >   I remember on some older Unix systems, there was a shutdown user.  How
> > about re-implementing that... it could run a process, that would check if
> > there were users on the system, and shut it down cleanly if there weren't
> > any?
> There's a big security flaw in having several people knowing the one
> password though. You have a password that is "common knowledge". How about
> a "shutdown" group ?

The shutdown user is inherently dangerous, because it's the world's second 
best DoS attack, behind only teardrop.  "You want to use your computer?  
Nope, nah nah nah nah nah nah!, I can shut it down before you get a login 
prompt, every time, over the network."  OK, done properly it's not that 
severe, but you see my point?

A shutdown group is a more sensible method, but again, this lacks checks.

I think a properly built login process, using XDM (hacked or not) and/or 
other programs, would allow everything needed, including secure but freely 
available reboot and shutdown functions, plus the security of disallowing 
these functions if the (non root) user trying them isn't the only person 
using the machine.

The challenge is building this service securely enough to completely 
disallow external attacks.  For instance, these options (reboot, shutdown) 
would *only* be available from the login screen on the local display.  
Anyone else wanting to shut down the machine (remotely, for instance) would 
have to log in completely before calling shutdown (say, if you have an 
APM-based power-off-on-shutdown system).  There are more details, but these 
need to be worked out.

Someone here should attempt to build just such a system.  Rather than 
discussing it without any experience or facts to back things up, let's get 
someone building it, and see how feasible it is.  Discussion alone builds a 
house of cards.

     Erik Walthinsen <omega@seul.org> - SEUL Project system architect
       /  \                SEUL: Simple End-User Linux -
      |    | M E G A            Creating a Linux distribution
      _\  /_                         for the home or office user