From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id AC055138CC5 for ; Sun, 22 Mar 2015 11:28:02 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 336D4E0854; Sun, 22 Mar 2015 11:27:50 +0000 (UTC) Received: from smarthost01c.mail.zen.net.uk (smarthost01c.mail.zen.net.uk [212.23.1.5]) by pigeon.gentoo.org (Postfix) with ESMTP id E794CE08DD for ; Sun, 22 Mar 2015 11:27:48 +0000 (UTC) Received: from [82.69.80.10] (helo=wstn.localnet) by smarthost01c.mail.zen.net.uk with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from ) id 1YZe2l-000BMX-QM for gentoo-user@lists.gentoo.org; Sun, 22 Mar 2015 11:27:47 +0000 From: Peter Humphrey To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: How to poweroff the system from user? Date: Sun, 22 Mar 2015 11:27:47 +0000 Message-ID: <1973791.yPhV807uKP@wstn> Organization: Society for Retired Gentlefolk User-Agent: KMail/4.14.3 (Linux/3.18.7-gentoo; KDE/4.14.3; x86_64; ; ) In-Reply-To: References: <20150321152656.a82a84b3e8a32c8b68554548@gmail.com> <2098241.ygyfAjpUPx@wstn> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" X-Originating-smarthost01c-IP: [82.69.80.10] X-Archives-Salt: 7e15148d-ac92-4780-8281-9f6be33f4171 X-Archives-Hash: c3c9559b28395488a65aa2f3911d3b0e On Sunday 22 March 2015 13:04:44 Nikos Chantziaras wrote: > On 22/03/15 12:30, Peter Humphrey wrote: > > On Saturday 21 March 2015 16:20:17 Jc Garc=EDa wrote: > >>> Interesting. But as I said ealier, I can reboot the system when I= am a > >>> user by Ctrl+Alt+Delete. The user can reboot the system, but can'= t > >>> shut > >>> down? Strange > >>=20 > >> It's not strange, `man 2 reboot`. It's a defined behavior. > >=20 > > I'm with German here. Being designed that way doesn't stop it being= > > strange. > >=20 > > Consider: I'm an ordinary user sitting at a terminal. I'm not allow= ed to > > halt the machine, but I am allowed to reboot it into perhaps some q= uite > > other configuration. Or I can keep rebooting it over and again, > > effectively preventing the machine from doing its job. How does tha= t > > make sense? > The thinking is that you can unplug the machine, or press the hardwar= e > reset or power button, or flip the PSU switch... >=20 > Preventing a ctrl+alt+del reboot does not add anything to security. > Security doesn't really apply to users with physical access to the > machine. Indeed, as witness many successful hijacks of supposedly secure systems= . > However, this is just a default. You can easily disable reboot on > ctrl+alt+del by editing /etc/inittab and commenting-out this line: >=20 > ca:12345:ctrlaltdel:/sbin/shutdown -r now All good sense. > Note though, that is someone wants to reboot, and ctrl+alt+del doesn'= t > work, pressing the reset button is far worse, since there's no clean > shutdown performed (unmounting filesystems after flushing caches, etc= .) > Because of that, the default of allowing ctrl+alt+del for local users= > makes more sense than disabling it. And there's no arguing with that! :_) --=20 Rgds Peter.