[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Shutdown process from login prompt
> > I remember on some older Unix systems, there was a shutdown user. How
> > about re-implementing that... it could run a process, that would check if
> > there were users on the system, and shut it down cleanly if there weren't
> > any?
> There's a big security flaw in having several people knowing the one
> password though. You have a password that is "common knowledge". How about
> a "shutdown" group ?
The shutdown user is inherently dangerous, because it's the world's second
best DoS attack, behind only teardrop. "You want to use your computer?
Nope, nah nah nah nah nah nah!, I can shut it down before you get a login
prompt, every time, over the network." OK, done properly it's not that
severe, but you see my point?
A shutdown group is a more sensible method, but again, this lacks checks.
I think a properly built login process, using XDM (hacked or not) and/or
other programs, would allow everything needed, including secure but freely
available reboot and shutdown functions, plus the security of disallowing
these functions if the (non root) user trying them isn't the only person
using the machine.
The challenge is building this service securely enough to completely
disallow external attacks. For instance, these options (reboot, shutdown)
would *only* be available from the login screen on the local display.
Anyone else wanting to shut down the machine (remotely, for instance) would
have to log in completely before calling shutdown (say, if you have an
APM-based power-off-on-shutdown system). There are more details, but these
need to be worked out.
Someone here should attempt to build just such a system. Rather than
discussing it without any experience or facts to back things up, let's get
someone building it, and see how feasible it is. Discussion alone builds a
house of cards.
Erik Walthinsen <firstname.lastname@example.org> - SEUL Project system architect
/ \ SEUL: Simple End-User Linux -
| | M E G A Creating a Linux distribution
_\ /_ for the home or office user