Re: Non-priv'ed users able to reboot RH 7.0?

[Matt Wilson <msw () REDHAT COM>]

The "reboot" command run as a normal user works only from a console
login.  This is the same as being able to press "Ctrl+Alt+Del" on the
local keyboard.

For information on how this is done, look at:

man pam_console
man consolehelper

To require a password for even console users, edit /etc/pam.d/reboot
and /etc/pam.d/halt and uncomment the:

auth       required /lib/security/pam_stack.so service=system-auth

line.  To disable non-root access to reboot and halt, change the pam
settings to look like this:

auth       required /lib/security/pam_rootok.so
account    required /lib/security/pam_permit.so

Cheers,

Matt

On Sat, Oct 07, 2000 at 06:15:09PM -0400, Joe Testa wrote:
> Hi.
>
>     I've found on my personal Redhat 7.0 system that any unprivilaged
> user can issue a 'reboot' command to reboot the machine.  I have another
> RH 7 box, but I haven't been able to reproduce it on that one.  Both
> systems were installed using the "Custom" option, and on clean HDs.  My
> personal system has GNOME installed and other necessary items.  The
> other system is a webserver, so it has very little on it besides apache,
> gcc, etc...
>
>     Here's an example:
>
>
> sh-2.04$ uname -a
> Linux virtue 2.2.16-22 #1 Tue Aug 22 16:49:06 EDT 2000 i686 unknown
> sh-2.04$ id
> uid=99(nobody) gid=99(nobody) groups=99(nobody)
> sh-2.04$ reboot
>
> Broadcast message from root (tty1) Sat Oct  7 16:02:49 2000...
>
> The system is going down for reboot NOW !!
> ...
> ...
> ____________________________________
>
>
> sh-2.04$ reboot
> reboot: must be superuser.
> sh-2.04$
>
>
>
>
>     Can anyone else reproduce this?
>
>         - Joe Testa